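/// <summary>
/// Issues a new refresh token for the ticket in <paramref name="context"/>, persists a hashed
/// copy of it through <c>IRefreshTokenService</c>, and hands the un-hashed value to the client.
/// </summary>
/// <param name="context">
/// Token-creation context. Its ticket must carry a "UserId" entry in
/// <c>Properties.Dictionary</c> that parses as a <see cref="Guid"/>; a missing or malformed
/// entry makes the dictionary indexer or the <see cref="Guid"/> constructor throw.
/// </param>
/// <returns>An already-completed task; all work is done synchronously.</returns>
private Task CreateRefreshTokenAsync(AuthenticationTokenCreateContext context)
{
    // NOTE(review): the lifetime is hard-coded; confirm 3 minutes is the intended refresh-token
    // window and consider moving it to configuration.
    const int refreshTokenLifeTimeMinutes = 3;

    // The refresh token is a bearer credential, so its unpredictability must come from a
    // cryptographic RNG. Guid.NewGuid() is documented as unsuitable for cryptographic purposes
    // (a version-4 GUID has fixed bits and no guarantee about the generator behind it), and the
    // user name is not secret. The original inputs are kept and 256 bits of CSPRNG output are
    // mixed in, so the token keeps the shape produced by PasswordHelper.CreateShaHash.
    var randomBytes = new byte[32];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(randomBytes);
    }

    var tokenBody = PasswordHelper.CreateShaHash(
        context.Ticket.Identity.Name + Guid.NewGuid() + Convert.ToBase64String(randomBytes));

    var userId = new Guid(context.Ticket.Properties.Dictionary["UserId"]);
    var issuedTokenUtc = DateTime.UtcNow;

    var refreshToken = new RefreshToken
    {
        UserId = userId,
        // Only a hash of the token is stored; the value the client receives is never persisted,
        // so a read of the token store does not directly yield usable tokens.
        Token = PasswordHelper.CreateShaHash(tokenBody),
        IssuedUtc = issuedTokenUtc,
        ExpiresUtc = issuedTokenUtc.AddMinutes(refreshTokenLifeTimeMinutes)
    };

    // Align the ticket's validity window with the stored record BEFORE serializing, so the
    // protected ticket carries the same issue and expiry instants as the refresh token.
    context.Ticket.Properties.IssuedUtc = refreshToken.IssuedUtc;
    context.Ticket.Properties.ExpiresUtc = refreshToken.ExpiresUtc;
    refreshToken.ProtectedTicket = context.SerializeTicket();

    var refreshTokenService = NinjectWebCommon.Bootstrapper.Kernel.Get<IRefreshTokenService>();
    refreshTokenService.Add(refreshToken);

    // The client gets the un-hashed body; ReceiveRefreshTokenAsync hashes it again for lookup.
    context.SetToken(tokenBody);

    return Task.FromResult<object>(null);
}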
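/// <summary>
/// Redeems a refresh token presented by a client: hashes it, looks the hash up through
/// <c>IRefreshTokenService</c>, restores the stored ticket into <paramref name="context"/> and
/// deletes the stored record so the same token cannot be looked up again.
/// </summary>
/// <param name="context">
/// Token-receive context; <c>context.Token</c> is the client-supplied (untrusted) value.
/// </param>
/// <returns>
/// An already-completed task. When the token is missing or unknown, no ticket is
/// deserialized into <paramref name="context"/>.
/// </returns>
private Task ReceiveRefreshTokenAsync(AuthenticationTokenReceiveContext context)
{
    // The token is attacker-controlled input and may be absent. Reject it up front rather than
    // passing null/empty into the hash helper and the store lookup; leaving the context without
    // a ticket is the same outcome an unknown token produces below.
    if (string.IsNullOrEmpty(context.Token))
    {
        return Task.FromResult<object>(null);
    }

    // Stored records hold a hash of the token (see CreateRefreshTokenAsync), so hash before lookup.
    var hashedRefreshToken = PasswordHelper.CreateShaHash(context.Token);

    var refreshTokenService = NinjectWebCommon.Bootstrapper.Kernel.Get<IRefreshTokenService>();
    var existingToken = refreshTokenService.GetByToken(hashedRefreshToken);

    if (existingToken != null)
    {
        // NOTE(review): the stored ExpiresUtc is not checked here; presumably the expiry carried
        // inside the protected ticket is enforced by the caller after deserialization — confirm.
        context.DeserializeTicket(existingToken.ProtectedTicket);

        // Single use: remove the record once redeemed.
        // NOTE(review): lookup and delete are two separate calls as written here, so two
        // concurrent requests carrying the same token could both find it unless
        // IRefreshTokenService serializes them — confirm, or make redemption atomic in the service.
        refreshTokenService.Delete(existingToken);
    }

    return Task.FromResult<object>(null);
}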