/// <summary>
/// Decides whether a refresh request may be honoured and returns the matching result.
/// </summary>
/// <param name="refreshTokenVm">Carries the refresh token and the access token presented by the caller.</param>
/// <returns>
/// The value of <c>CreateSuccessResult()</c> when every check passes; otherwise an invalid result
/// carrying <c>InvalidRefreshToken</c> or <c>RefreshTokenExpired</c>.
/// </returns>
/// <remarks>
/// A missing token, an inactive token and a failed access-token check all produce the same
/// <c>InvalidRefreshToken</c> status, so the response does not reveal which check failed.
/// </remarks>
public async Task<RefreshTokenDm> RefreshAsync(RefreshTokenVm refreshTokenVm)
{
    // Presumably populates _activeAccessToken from the refresh token; confirm in SetActiveAccessTokenAsync.
    // NOTE(review): the lookup result is kept in an instance field. If this class is shared between
    // concurrent requests, one request could observe another request's token; confirm a per-request lifetime.
    await SetActiveAccessTokenAsync(refreshTokenVm.RefreshToken);

    // Evaluated left to right with short-circuiting: null check, active flag, then access-token check.
    if (_activeAccessToken is null
        || !_activeAccessToken.IsActive
        || !IsValidationAccessToken(refreshTokenVm.AccessToken))
    {
        return CreateInvalidResult(EResultStatus.InvalidRefreshToken);
    }

    // Expiry is checked last and is the only failure reported with its own status.
    if (AccessTokenHelper.IsValidationExpirationDate(_activeAccessToken.ExpirationDate))
    {
        return CreateSuccessResult();
    }

    return CreateInvalidResult(EResultStatus.RefreshTokenExpired);
}
/// <summary>
/// Rejects the request unless it carries an access token that decrypts, deserializes and has a
/// valid expiration date.
/// </summary>
/// <param name="context">Authorization filter context; <c>context.Result</c> is set when the request is rejected.</param>
/// <remarks>
/// Only the token contents are checked here; this method performs no per-user access lookup.
/// </remarks>
public void OnAuthorization(AuthorizationFilterContext context)
{
    // Every rejection path sets context.Result through this one helper.
    void Reject(EResultStatus status) => context.Result = CreateResult(status);

    var encryptedToken = ApplicationHelper.GetAuthorizationToken(context.HttpContext);
    if (IsNullOrWhiteSpace(encryptedToken))
    {
        Reject(EResultStatus.InvalidToken);
        return;
    }

    // NOTE(review): the fields read from the decrypted payload are trusted below. Confirm that
    // AesDecryptString authenticates the ciphertext (AEAD or a MAC) and returns null/empty,
    // rather than throwing, when decryption fails.
    var tokenJson = EncryptionHelper.AesDecryptString(encryptedToken);
    if (IsNullOrEmpty(tokenJson))
    {
        Reject(EResultStatus.InvalidToken);
        return;
    }

    var tokenData = tokenJson.ObjectDeserialize<AccessTokenDataVm>();
    if (tokenData is null)
    {
        Reject(EResultStatus.InvalidToken);
        return;
    }

    // An expired token is reported with its own status, distinct from a malformed one.
    var isUnexpired = AccessTokenHelper.IsValidationExpirationDate(tokenData.ExpirationDate);
    if (!isUnexpired)
    {
        Reject(EResultStatus.AccessTokenExpired);
    }
}
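/// <summary>
/// Rejects the request unless it carries a valid, unexpired access token and the token's user
/// passes the <c>HasUserAccess</c> check.
/// </summary>
/// <param name="context">Authorization filter context; <c>context.Result</c> is set when the request is rejected.</param>
/// <exception cref="InvalidOperationException">
/// Thrown when <c>IInMemoryUserAccessService</c> is not registered in the request's service provider.
/// </exception>
/// <remarks>
/// Statuses used: <c>InvalidToken</c> for a missing, undecryptable or undeserializable token and for
/// a user with no in-memory access entry, <c>AccessTokenExpired</c> for an expired token, and
/// <c>AccessDenied</c> when <c>HasUserAccess</c> returns false.
/// </remarks>
public void OnAuthorization(AuthorizationFilterContext context)
{
    var guidAccessToken = ApplicationHelper.GetAuthorizationToken(context.HttpContext);
    if (IsNullOrWhiteSpace(guidAccessToken))
    {
        context.Result = CreateResult(EResultStatus.InvalidToken);
        return;
    }

    // NOTE(review): UserId and ExpirationDate from the decrypted payload are trusted below. Confirm
    // that AesDecryptString authenticates the ciphertext (AEAD or a MAC) and returns null/empty,
    // rather than throwing, when decryption fails.
    var jsonAccessToken = EncryptionHelper.AesDecryptString(guidAccessToken);
    if (IsNullOrEmpty(jsonAccessToken))
    {
        context.Result = CreateResult(EResultStatus.InvalidToken);
        return;
    }

    var accessTokenDataVm = jsonAccessToken.ObjectDeserialize<AccessTokenDataVm>();
    if (accessTokenDataVm is null)
    {
        context.Result = CreateResult(EResultStatus.InvalidToken);
        return;
    }

    if (!AccessTokenHelper.IsValidationExpirationDate(accessTokenDataVm.ExpirationDate))
    {
        context.Result = CreateResult(EResultStatus.AccessTokenExpired);
        return;
    }

    // GetRequiredService makes a missing registration fail with a descriptive exception instead
    // of a null dereference on the next line. The request is refused in both cases.
    var service = context.HttpContext.RequestServices.GetRequiredService<IInMemoryUserAccessService>();

    // A user with no in-memory access entry is treated like an invalid token.
    var userAccessInMemoryVm = service.Get(accessTokenDataVm.UserId);
    if (userAccessInMemoryVm is null)
    {
        context.Result = CreateResult(EResultStatus.InvalidToken);
        return;
    }

    if (!HasUserAccess(userAccessInMemoryVm.UserAccessIds))
    {
        context.Result = CreateResult(EResultStatus.AccessDenied);
    }
}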