/// <summary> /// Refreshes a short-lived access token using a longer-lived refresh token /// with a new access token that has the same scope as the refresh token. /// The refresh token itself may also be refreshed. /// </summary> /// <param name="authorization">The authorization to update.</param> /// <param name="skipIfUsefulLifeExceeds">If given, the access token will <em>not</em> be refreshed if its remaining lifetime exceeds this value.</param> /// <returns>A value indicating whether the access token was actually renewed; <c>true</c> if it was renewed, or <c>false</c> if it still had useful life remaining.</returns> /// <remarks> /// This method may modify the value of the <see cref="IAuthorizationState.RefreshToken"/> property on /// the <paramref name="authorization"/> parameter if the authorization server has cycled out your refresh token. /// If the parameter value was updated, this method calls <see cref="IAuthorizationState.SaveChanges"/> on that instance. /// </remarks> public bool RefreshAuthorization(IAuthorizationState authorization, TimeSpan?skipIfUsefulLifeExceeds = null) { Requires.NotNull(authorization, "authorization"); Requires.That(!string.IsNullOrEmpty(authorization.RefreshToken), "authorization", "RefreshToken required."); if (skipIfUsefulLifeExceeds.HasValue && authorization.AccessTokenExpirationUtc.HasValue) { TimeSpan usefulLifeRemaining = authorization.AccessTokenExpirationUtc.Value - DateTime.UtcNow; if (usefulLifeRemaining > skipIfUsefulLifeExceeds.Value) { // There is useful life remaining in the access token. Don't refresh. Logger.OAuth.DebugFormat("Skipping token refresh step because access token's remaining life is {0}, which exceeds {1}.", usefulLifeRemaining, skipIfUsefulLifeExceeds.Value); return(false); } } var request = new AccessTokenRefreshRequestC(this.AuthorizationServer) { ClientIdentifier = this.ClientIdentifier, RefreshToken = authorization.RefreshToken, }; this.ApplyClientCredential(request); var response = this.Channel.Request <AccessTokenSuccessResponse>(request); UpdateAuthorizationWithResponse(authorization, response); return(true); }
public IAuthorizationState GetScopedAccessTokenAsync(string refreshToken, HashSet <string> scope, CancellationToken cancellationToken) { var request = new AccessTokenRefreshRequestC(this.AuthorizationServer) { ClientIdentifier = this.ClientIdentifier, RefreshToken = refreshToken }; this.ApplyClientCredential(request); var response = this.Channel.RequestAsync <AccessTokenSuccessResponse>(request, cancellationToken); var authorization = new AuthorizationState(); UpdateAuthorizationWithResponse(authorization, response); return(authorization); }
/// <summary> /// Gets an access token that may be used for only a subset of the scope for which a given /// refresh token is authorized. /// </summary> /// <param name="refreshToken">The refresh token.</param> /// <param name="scope">The scope subset desired in the access token.</param> /// <returns>A description of the obtained access token, and possibly a new refresh token.</returns> /// <remarks> /// If the return value includes a new refresh token, the old refresh token should be discarded and /// replaced with the new one. /// </remarks> public IAuthorizationState GetScopedAccessToken(string refreshToken, HashSet <string> scope) { Contract.Ensures(Contract.Result <IAuthorizationState>() != null); var request = new AccessTokenRefreshRequestC(this.AuthorizationServer) { ClientIdentifier = this.ClientIdentifier, RefreshToken = refreshToken, }; this.ApplyClientCredential(request); var response = this.Channel.Request <AccessTokenSuccessResponse>(request); var authorization = new AuthorizationState(); UpdateAuthorizationWithResponse(authorization, response); return(authorization); }
/// <summary> /// Gets an access token that may be used for only a subset of the scope for which a given /// refresh token is authorized. /// </summary> /// <param name="refreshToken">The refresh token.</param> /// <param name="scope">The scope subset desired in the access token.</param> /// <returns>A description of the obtained access token, and possibly a new refresh token.</returns> /// <remarks> /// If the return value includes a new refresh token, the old refresh token should be discarded and /// replaced with the new one. /// </remarks> public IAuthorizationState GetScopedAccessToken(string refreshToken, HashSet <string> scope) { Requires.NotNullOrEmpty(refreshToken, "refreshToken"); Requires.NotNull(scope, "scope"); var request = new AccessTokenRefreshRequestC(this.AuthorizationServer) { ClientIdentifier = this.ClientIdentifier, RefreshToken = refreshToken, }; this.ApplyClientCredential(request); var response = this.Channel.Request <AccessTokenSuccessResponse>(request); var authorization = new AuthorizationState(); UpdateAuthorizationWithResponse(authorization, response); return(authorization); }
public bool RefreshAuthorizationAsync(IAuthorizationState authorization, TimeSpan?skipIfUsefulLifeExceeds = null, CancellationToken cancellationToken = default(CancellationToken)) { if (skipIfUsefulLifeExceeds.HasValue && authorization.AccessTokenExpirationUtc.HasValue) { TimeSpan usefulLifeRemaining = authorization.AccessTokenExpirationUtc.Value - DateTime.UtcNow; if (usefulLifeRemaining > skipIfUsefulLifeExceeds.Value) { Logger.OAuth.DebugFormat("Skipping token refresh step because access token's remaining life is {0}, which exceeds {1}.", usefulLifeRemaining, skipIfUsefulLifeExceeds.Value); return(false); } } var request = new AccessTokenRefreshRequestC(this.AuthorizationServer) { ClientIdentifier = this.ClientIdentifier, RefreshToken = authorization.RefreshToken }; this.ApplyClientCredential(request); var response = this.Channel.RequestAsync <AccessTokenSuccessResponse>(request, cancellationToken); UpdateAuthorizationWithResponse(authorization, response); return(true); }
/// <summary> /// Refreshes a short-lived access token using a longer-lived refresh token /// with a new access token that has the same scope as the refresh token. /// The refresh token itself may also be refreshed. /// </summary> /// <param name="authorization">The authorization to update.</param> /// <param name="skipIfUsefulLifeExceeds">If given, the access token will <em>not</em> be refreshed if its remaining lifetime exceeds this value.</param> /// <returns>A value indicating whether the access token was actually renewed; <c>true</c> if it was renewed, or <c>false</c> if it still had useful life remaining.</returns> /// <remarks> /// This method may modify the value of the <see cref="IAuthorizationState.RefreshToken"/> property on /// the <paramref name="authorization"/> parameter if the authorization server has cycled out your refresh token. /// If the parameter value was updated, this method calls <see cref="IAuthorizationState.SaveChanges"/> on that instance. /// </remarks> public bool RefreshAuthorization(IAuthorizationState authorization, TimeSpan?skipIfUsefulLifeExceeds = null) { if (skipIfUsefulLifeExceeds.HasValue && authorization.AccessTokenExpirationUtc.HasValue) { TimeSpan usefulLifeRemaining = authorization.AccessTokenExpirationUtc.Value - DateTime.UtcNow; if (usefulLifeRemaining > skipIfUsefulLifeExceeds.Value) { return(false); } } var request = new AccessTokenRefreshRequestC(this.AuthorizationServer) { ClientIdentifier = this.ClientIdentifier, RefreshToken = authorization.RefreshToken, }; this.ApplyClientCredential(request); var response = this.Channel.Request <AccessTokenSuccessResponse>(request); UpdateAuthorizationWithResponse(authorization, response); return(true); }