public async Task Logout(IOperation operation, IEnumerable <Claim> claims, string refreshToken)
{
var claimsList = claims.ToList();
var id = AuthenticationUtils.GetUserId(claimsList) ?? throw CommonExceptions.FailedToReadAuthenticationDataFromClaims(operation);
var refreshTokenId = await userDataStore.GetRefreshTokenId(operation, id, refreshToken);
if (!refreshTokenId.HasValue)
{
throw CommonExceptions.RefreshTokensAreDifferent(operation);
}
var identity = GetIdentity(claimsList);
identity?.Claims.ToList().ForEach(claim => identity.RemoveClaim(claim));
await userDataStore.RemoveRefreshToken(operation, refreshTokenId.Value);
}
public async Task <ActionResult <UserAuthorizationModel> > VerifyAuthentication() => await Execute(async operation =>
{
var userId = AuthenticationUtils.GetUserId(User.Claims);
if (userId == null)
{
throw CommonExceptions.AccessDenied(operation, StatusCodes.Status401Unauthorized);
}
if (!await authenticationService.IsUserActivated(operation, userId.Value))
{
throw CommonExceptions.AccessDenied(operation, StatusCodes.Status401Unauthorized, true);
}
return(new UserAuthorizationModel
{
Id = userId.Value,
Permissions = AuthenticationUtils.GetUserPermissions(User.Claims)
});
});
public async Task <RawJwtToken> RefreshToken(IOperation operation, string accessToken, string refreshToken)
{
var principal = GetClaimsPrincipalDataFromToken(operation, accessToken);
var claims = principal.Claims.ToList();
var id = AuthenticationUtils.GetUserId(claims) ?? throw CommonExceptions.FailedToReadAuthenticationDataFromClaims(operation);
if (!await userDataStore.IsUserActivated(operation, id))
{
throw CommonExceptions.AccessDenied(operation, StatusCodes.Status401Unauthorized, true);
}
var refreshTokenId = await userDataStore.GetRefreshTokenId(operation, id, refreshToken);
if (!refreshTokenId.HasValue)
{
throw CommonExceptions.RefreshTokensAreDifferent(operation);
}
var user = await userDataStore.GetUserIdentityClaimsById(operation, id);
if (user == null)
{
throw CommonExceptions.AuthenticationFailed(operation);
}
var identity = GetIdentity(user);
var token = new RawJwtToken
{
AccessToken = GenerateAccessToken(identity.Claims.ToList()),
RefreshToken = AuthenticationUtils.GenerateRefreshToken()
};
await userDataStore.UpdateRefreshToken(operation, refreshTokenId.Value, token.RefreshToken);
return(token);
}
public async Task <UserAuthorizationEntity> GetUserData(IOperation operation, IEnumerable <Claim> claims)
{
var id = AuthenticationUtils.GetUserId(claims) ?? throw CommonExceptions.FailedToReadAuthenticationDataFromClaims(operation);
return(await userDataStore.GetAuthorizationById(operation, id));
}
