public virtual async Task CreateAsync(AuthenticationTokenCreateContext context)
{
var clientId = context.Ticket.Properties.Dictionary["as:client_id"];
if (string.IsNullOrEmpty(clientId))
{
return;
}
var refreshTokenId = Guid.NewGuid().ToString("n");
await Task.Run(() => {
var refreshTokenLifeTime = context.OwinContext.Get <string>("as:clientRefreshTokenLifeTime");
var token = new OAuthRefreshToken()
{
Key = refreshTokenId.GenerateHash(),
ClientId = clientId,
Subject = context.Ticket.Identity.Name,
UserType = UserType.Name,
IssuedUtc = DateTime.UtcNow,
ExpiresUtc = DateTime.UtcNow.AddMinutes(Convert.ToDouble(refreshTokenLifeTime))
};
context.Ticket.Properties.IssuedUtc = token.IssuedUtc;
context.Ticket.Properties.ExpiresUtc = token.ExpiresUtc;
token.ProtectedTicket = context.SerializeTicket();
this._oauthStore.AddRefreshToken(token);
});
context.SetToken(refreshTokenId);
}
public async Task CreateAsync(AuthenticationTokenCreateContext context)
{
var clientid = context.Ticket.Properties.Dictionary["as:client_id"];
if (string.IsNullOrEmpty(clientid))
{
return;
}
var refreshTokenId = Guid.NewGuid().ToString("n");
var refreshTokenLifeTime = context.OwinContext.Get <string>("as:clientRefreshTokenLifeTime");
var token = new OAuthRefreshToken()
{
Id = refreshTokenId,
ClientId = clientid,
Subject = context.Ticket.Identity.Name,
IssuedUtc = DateTime.UtcNow,
ExpiresUtc = DateTime.UtcNow.AddMinutes(Convert.ToDouble(refreshTokenLifeTime))
};
context.Ticket.Properties.IssuedUtc = token.IssuedUtc;
context.Ticket.Properties.ExpiresUtc = token.ExpiresUtc;
token.ProtectedTicket = context.SerializeTicket();
_refrshTokenStore.Add(token);
context.SetToken(refreshTokenId);
}
public void Save(OAuthRefreshToken refreshToken)
{
if (Storage.ContainsKey(refreshToken.Token))
{
Storage.Remove(refreshToken.Token);
}
Storage.Add(refreshToken.Token, refreshToken);
}
public void AddRefreshToken(OAuthRefreshToken token)
{
this.Db.Execute("DELETE FROM [OAuthRefreshToken] WHERE [Subject] = @0 AND [ClientId] = @1 AND [UserType] = @3",
token.Subject,
token.ClientId,
token.UserType);
this.Db.Save(token);
}
public void AddRefreshToken(OAuthRefreshToken token)
{
Db.Execute("DELETE FROM [OAuthRefreshToken] WHERE [Subject] = @0 AND [UserType] = @1 AND [Realm] = @2 AND [ClientId] = @3",
token.Subject,
token.UserType,
token.Realm,
token.ClientId);
Db.Save(token);
}
protected OAuthTokenResponse GenerateTokenResponse(string username, string deviceId)
{
// Construct an identity
var claims = Context.Services.UserService.GetUserClaims(username);
var identity = new ClaimsIdentity("OAuth");
identity.AddClaim(new Claim(ClaimTypes.Name, username));
identity.AddClaim(new Claim(OAuth.ClaimTypes.Realm, Context.Realm));
if (!deviceId.IsNullOrWhiteSpace())
{
identity.AddClaim(new Claim(OAuth.ClaimTypes.DeviceId, deviceId));
}
identity.AddClaims(claims);
var response = new OAuthTokenResponse
{
access_token = Context.Services.TokenService.GenerateToken(identity, Context.Options.AccessTokenLifeTime),
token_type = "bearer",
expires_in = Context.Options.AccessTokenLifeTime * 60
};
// If we have a token store, create a refresh token
if (Context.Services.RefreshTokenStore != null)
{
var refreshTokenId = Guid.NewGuid().ToString("n");
var refreshTokenLifeTime = Client?.RefreshTokenLifeTime ?? Context.Options.RefreshTokenLifeTime;
var token = new OAuthRefreshToken
{
Key = refreshTokenId.GenerateHash(),
Subject = username,
UserType = Context.Services.UserService.UserType,
Realm = Context.Realm,
ClientId = Client != null ? Client.ClientId : OAuth.DefaultClientId,
DeviceId = deviceId.IsNullOrWhiteSpace() ? null : deviceId,
IssuedUtc = DateTime.UtcNow,
ExpiresUtc = DateTime.UtcNow.AddMinutes(refreshTokenLifeTime),
ProtectedTicket = response.SerializeToJson().Encrypt(Context.Options.SymmetricKey)
};
Context.Services.RefreshTokenStore.AddRefreshToken(token);
response.refresh_token = refreshTokenId;
}
return(response);
}
public void AddRefreshToken(OAuthRefreshToken token)
{
using (var scope = Current.ScopeProvider.CreateScope(autoComplete: true))
{
scope.Database.Execute("DELETE FROM [OAuthRefreshToken] WHERE [Subject] = @0 AND [UserType] = @1 AND [Realm] = @2 AND [ClientId] = @3 AND [DeviceId] = @4",
token.Subject,
token.UserType,
token.Realm,
token.ClientId,
token.DeviceId);
scope.Database.Save(token);
}
}
public async Task ReceiveAsync(AuthenticationTokenReceiveContext context)
{
string hashedTokenId = context.Token.GetHash();
CommonBusiness commonBu = new CommonBusiness();
OAuthRefreshToken refreshToken = commonBu.FindByProperty <OAuthRefreshToken>("TokenId", hashedTokenId, "")[0];
if (refreshToken != null)
{
//Get protectedTicket from refreshToken class
context.DeserializeTicket(refreshToken.Authentication);
commonBu.getDbContext().OAuthRefreshTokens.Remove(refreshToken);
commonBu.getDbContext().SaveChanges();
}
}
public async Task CreateAsync(AuthenticationTokenCreateContext context)
{
var clientid = context.Ticket.Properties.Dictionary["as:client_id"];
if (string.IsNullOrEmpty(clientid))
{
return;
}
var refreshTokenId = Guid.NewGuid().ToString("n");
CommonBusiness commonBu = new CommonBusiness();
var token = new OAuthRefreshToken()
{
TokenId = refreshTokenId.GetHash(),
Authentication = context.SerializeTicket()
};
commonBu.Save(token);
commonBu.getDbContext().SaveChanges();
context.SetToken(refreshTokenId);
}
public async Task <AuthorizationRolesRefresh> RefreshTokenCredentialsAuthorizationAsync(OAuthRefreshToken refreshToken)
{
var result = new AuthorizationRolesRefresh();
try
{
var userClaims = await _auth.LoginRefreshTokenAsync(refreshToken.Client_id, refreshToken.Client_secret, refreshToken.Refresh_token);
result.Authorized = userClaims != null && userClaims.Id > 0;
if (result.Authorized)
{
result.ExpireTimeMinutes = _authConfiguration.ExpireTimeMinutes_Password;
result.Claims = new Claim[]
{
new Claim("Client_Identification", userClaims.ClientIdentification),
new Claim("Id_User", userClaims.Id.ToString()),
new Claim("Email", userClaims.Email),
new Claim("User_Identification", userClaims.Identification),
new Claim("AcceptTerm", userClaims.AcceptTerm ? "true": "false"),
new Claim("Account_Id", userClaims.AccountId.ToString()),
new Claim("RefreshToken", userClaims.RefreshToken),
};
result.RefreshToken = userClaims.RefreshToken;
}
}
catch (Exception e)
{
result.Authorized = false;
result.Errors.Add(e.GetBaseException().Message);
}
return(result);
}
public void Add(OAuthRefreshToken refreshToken)
{
RefreshTokens.Add(refreshToken);
}
