private async Task <string> RetrieveBearerAccessToken() { var cacheId = this.GetType().FullName; var clientAccessToken = await _clientAccessTokenCache.GetAsync(cacheId); if (clientAccessToken != null) { return(clientAccessToken.AccessToken); } var disco = await _discoveryCache.GetAsync(); var tokenEndpoint = disco.TokenEndpoint; var http = _httpClientFactory.CreateClient(); var token = await http.RequestClientCredentialsTokenAsync(new ClientCredentialsTokenRequest { Address = tokenEndpoint, ClientAssertion = new ClientAssertion { Type = OidcConstants.ClientAssertionTypes.JwtBearer, Value = _tokenGenerator.CreateClientAuthJwt() } }); await _clientAccessTokenCache.SetAsync(cacheId, token.AccessToken, token.ExpiresIn); if (!token.IsError) { return(token.AccessToken); } _logger.LogError(token.Exception, token.ErrorDescription); throw new Exception(token.ErrorDescription, token.Exception); }
/// <inheritdoc/> public async Task <string> GetClientAccessTokenAsync(string clientName = "default") { var item = await _clientAccessTokenCache.GetAsync(clientName); if (item != null) { return(item.AccessToken); } try { return(await _clientTokenRequestDictionary.GetOrAdd(clientName, (string _) => { return new Lazy <Task <string> >(async() => { var response = await _tokenEndpointService.RequestClientAccessToken(clientName); if (response.IsError) { _logger.LogError("Error requesting access token for client {clientName}. Error = {error}", clientName, response.Error); return null; } await _clientAccessTokenCache.SetAsync(clientName, response.AccessToken, response.ExpiresIn); return response.AccessToken; }); }).Value); } finally { _clientTokenRequestDictionary.TryRemove(clientName, out _); } }
public async Task <string> GetTokenAsync(string incomingToken, string apiScope) { var item = await _clientAccessTokenCache .GetAsync($"shoppingbaskettodownstreamtokenexchangeclient_{apiScope}"); if (item != null) { return(item.AccessToken); } var client = _httpClientFactory.CreateClient(); var discoveryDocumentResponse = await client .GetDiscoveryDocumentAsync("https://localhost:5010/"); if (discoveryDocumentResponse.IsError) { throw new Exception(discoveryDocumentResponse.Error); } var customParams = new Dictionary <string, string> { { "subject_token_type", "urn:ietf:params:oauth:token-type:access_token" }, { "subject_token", incomingToken }, { "scope", $"openid profile {apiScope}" } }; var tokenResponse = await client.RequestTokenAsync(new TokenRequest() { Address = discoveryDocumentResponse.TokenEndpoint, GrantType = "urn:ietf:params:oauth:grant-type:token-exchange", Parameters = customParams, ClientId = "shoppingbaskettodownstreamtokenexchangeclient", ClientSecret = "0cdea0bc-779e-4368-b46b-09956f70712c" }); if (tokenResponse.IsError) { throw new Exception(tokenResponse.Error); } await _clientAccessTokenCache.SetAsync( $"shoppingbaskettodownstreamtokenexchangeclient_{apiScope}", tokenResponse.AccessToken, tokenResponse.ExpiresIn); return(tokenResponse.AccessToken); }
public async Task <string> GetTokenAsync(string incomingToken, string apiScope) { var item = await _clientAccessTokenCache .GetAsync($"hesstoytrucks_baskets_to_downstream_tokenexchange_{apiScope}"); if (item != null) { return(item.AccessToken); } var client = _httpClientFactory.CreateClient(); var discoveryDocumentResponse = await client .GetDiscoveryDocumentAsync(_config["IdentityServerUrl"]); if (discoveryDocumentResponse.IsError) { throw new Exception(discoveryDocumentResponse.Error); } var customParams = new Dictionary <string, string> { { "subject_token_type", "urn:ietf:params:oauth:token-type:access_token" }, { "subject_token", incomingToken }, { "scope", $"{apiScope}" } }; var tokenResponse = await client.RequestTokenAsync(new TokenRequest() { Address = discoveryDocumentResponse.TokenEndpoint, GrantType = "urn:ietf:params:oauth:grant-type:token-exchange", Parameters = customParams, ClientId = "hesstoytrucks_baskets_to_downstream_tokenexchange", ClientSecret = "b438b4c0-9963-444d-882f-74a754e667d1" }); if (tokenResponse.IsError) { throw new Exception(tokenResponse.Error); } await _clientAccessTokenCache.SetAsync( $"hesstoytrucks_baskets_to_downstream_tokenexchange_{apiScope}", tokenResponse.AccessToken, tokenResponse.ExpiresIn); return(tokenResponse.AccessToken); }
public async Task <string> GetAccessToken(string incomingToken) { var item = await _clientAccessTokenCache .GetAsync("gatewaytodownstreamtokenexchangeclient_eventcatalog"); if (item != null) { return(item.AccessToken); } var(accessToken, expiresIn) = await ExchangeToken(incomingToken); await _clientAccessTokenCache.SetAsync( "gatewaytodownstreamtokenexchangeclient_eventcatalog", accessToken, expiresIn); return(accessToken); }
public async Task <string> GetToken() { var currentToken = await _clientAccessTokenCache.GetAsync("WebClientToken"); if (currentToken != null) { return(currentToken.AccessToken); } var discover = await _httpClient.GetDiscoveryDocumentAsync(new DiscoveryDocumentRequest() { Address = _serviceApiSettings.IdentityBaseUri, Policy = new DiscoveryPolicy() { RequireHttps = false } }); if (discover.IsError) { throw discover.Exception; } var clientCredentialTokenRequest = new ClientCredentialsTokenRequest() { ClientId = _clientSettings.WebMvcClient.ClientId, ClientSecret = _clientSettings.WebMvcClient.ClientSecret, Address = discover.TokenEndpoint }; var newToken = await _httpClient.RequestClientCredentialsTokenAsync(clientCredentialTokenRequest); if (newToken.IsError) { throw newToken.Exception; } await _clientAccessTokenCache.SetAsync("WebClientToken", newToken.AccessToken, newToken.ExpiresIn); return(newToken.AccessToken); }
/// <inheritdoc/> public async Task <string> GetClientAccessTokenAsync( string clientName = AccessTokenManagementDefaults.DefaultTokenClientName, ClientAccessTokenParameters parameters = null, CancellationToken cancellationToken = default) { parameters ??= new ClientAccessTokenParameters(); if (parameters.ForceRenewal == false) { var item = await _clientAccessTokenCache.GetAsync(clientName, parameters, cancellationToken); if (item != null) { return(item.AccessToken); } } try { return(await _sync.Dictionary.GetOrAdd(clientName, _ => { return new Lazy <Task <string> >(async() => { var response = await _tokenEndpointService.RequestClientAccessToken(clientName, parameters, cancellationToken); if (response.IsError) { _logger.LogError("Error requesting access token for client {clientName}. Error = {error}", clientName, response.Error); return null; } await _clientAccessTokenCache.SetAsync(clientName, response.AccessToken, response.ExpiresIn, parameters, cancellationToken); return response.AccessToken; }); }).Value); } finally { _sync.Dictionary.TryRemove(clientName, out _); } }
private async Task <string> EnsureGetAccessTokenAsync(string incomingToken) { var clientAccessToken = await _tokenCache.GetAsync(ClientIds.GatewayDownstreamTokenExchanger); if (clientAccessToken != null) { return(clientAccessToken.AccessToken); } // 현재 expire되지 않은 유효한 토큰이 없다. 새로 발급받아야 한다. var tokenResponse = await ExchangeToken(incomingToken); await _tokenCache.SetAsync( ClientIds.GatewayDownstreamTokenExchanger, tokenResponse.AccessToken, tokenResponse.ExpiresIn ); return(tokenResponse.AccessToken); }
private async Task <string> GetAccessToken(string incomingToken) { var item = await _clientAccessTokenCache .GetAsync("hesstoytrucks_gateway_to_apis_tokenexchange_catalog"); if (item != null) { System.Console.WriteLine($"token is in cache"); return(item.AccessToken); } var(accessToken, expiresIn) = await ExchangeToken(incomingToken); await _clientAccessTokenCache.SetAsync( "hesstoytrucks_gateway_to_apis_tokenexchange_catalog", accessToken, expiresIn); System.Console.WriteLine($"Token is new. It will expire in {expiresIn}"); return(accessToken); }
public async Task <Response <string> > ConnectTokenAsync() { Response <string> response = null; ClientAccessToken currentToken = await clientAccessTokenCache.GetAsync("WebClientToken"); if (currentToken is not null) { response = Response <string> .Success(currentToken.AccessToken, StatusCodes.Status200OK); logger.LogResponse(response); return(response); } TokenResponse res = await client.RequestClientCredentialsTokenAsync(new ClientCredentialsTokenRequest() { Address = "connect/token", ClientId = clientSettings.WebClient.ClientId, ClientSecret = clientSettings.WebClient.ClientSecret, Scope = "IdentityServerApi" }); if (res.IsError) { response = await res.GetResponseAsync <string>(true, "TokenService/ConnectTokenAsync", "Token alınırken beklenmedik bir hata ile karşılaşıldı"); logger.LogResponse(response); return(response); } await clientAccessTokenCache.SetAsync("WebClientToken", res.AccessToken, res.ExpiresIn); response = Response <string> .Success(res.AccessToken, (int)res.HttpStatusCode); logger.LogResponse(response); return(response); }