示例#1
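        /// <summary>
        /// Exchanges a refresh token for a freshly generated token response.
        /// </summary>
        /// <remarks>
        /// The refresh token is verified together with the supplied e-mail and the request IP
        /// before the user is looked up. Both rejection paths answer with HTTP 409.
        /// NOTE(review): how <c>GetIpAddress</c> derives the address is not visible here; if it
        /// reads a forwarded header, the IP binding is only as trustworthy as the proxy
        /// configuration in front of the application - confirm.
        /// </remarks>
        /// <param name="model">Request body carrying the e-mail and the refresh token.</param>
        /// <returns>
        /// 400 when no body was bound, 409 when the token is rejected or the user is unknown,
        /// otherwise the JSON token response.
        /// </returns>
        public async Task<IActionResult> RefreshToken([FromBody] RefreshTokenRequestViewModel model)
        {
            // A missing or unparsable body binds to null; reject it here rather than
            // dereferencing it and surfacing an unhandled exception to the caller.
            if (model == null)
            {
                return BadRequest();
            }

            TempData["requestIp"] = _userService.GetIpAddress(HttpContext);

            // Read the value back once (as the original code did) and keep it in a local, so the
            // verification and the token generation below see exactly the same address.
            string requestIp = TempData["requestIp"]?.ToString();

            // Fail closed: without a resolvable request IP the token cannot be checked against it.
            if (requestIp == null || !_tokenService.VerifyRefreshToken(model.RefreshToken, model.Email, requestIp))
            {
                return new ObjectResult("Please log in again.")
                {
                    StatusCode = 409
                };
            }

            AppUser user = await _userService.FindUserByEmail(model.Email);

            if (user == null)
            {
                return new ObjectResult("Invalid user details.")
                {
                    StatusCode = 409
                };
            }

            string role = await _userService.GetUserRoleAsync(user);

            return Json(_tokenService.GenerateTokenResponse(user, role, requestIp));
        }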
        /// <summary>
        /// Builds the shared fixture: request/response models, mocked services and the
        /// controller under test with pre-seeded TempData.
        /// </summary>
        /// <remarks>
        /// <c>VerifyRefreshToken</c> is stubbed to return <c>true</c> for any arguments, so tests
        /// that rely on this fixture unchanged only exercise the accepted-token path.
        /// </remarks>
        public TokenControllerTests()
        {
            // The external-login info below is built from the thread's current principal.
            Thread.CurrentPrincipal = new TestPrincipalWrapper(new Claim(ClaimTypes.Email, _properEmail));
            _externalLoginInfoInstance = new ExternalLoginInfo(
                (ClaimsPrincipal)Thread.CurrentPrincipal,
                "Facebook",
                "providers_key",
                "some_display_name");

            // Canned response handed back by the mocked token service.
            _returnedResponseTokenModel = new TokenResponseViewModel
            {
                DisplayName = "foo1",
                Email = "foo2",
                RefreshToken = "foo3",
                Role = "foo4",
                Token = "foo5",
                User = "******"
            };

            // Request models and the user that the "proper" e-mail resolves to.
            _properRevokeTokenModel = new RevokeTokenRequestViewModel
            {
                UserName = _properName,
                Token = _properToken,
                RefreshToken = _properToken
            };
            _properRefreshTokenModel = new RefreshTokenRequestViewModel
            {
                Email = _properEmail,
                RefreshToken = _properToken
            };
            _properTokenRequestModel = new TokenRequestViewModel
            {
                Email = _properEmail,
                Password = _properPassword,
            };
            _properUser = new AppUser
            {
                Email = _properEmail
            };

            // TempData backed by a mocked provider, seeded with a loopback request IP.
            var context = new DefaultHttpContext();
            var seededTempData = new TempDataDictionary(context, Mock.Of<ITempDataProvider>())
            {
                { "requestIp", "127.0.0.1" }
            };

            _tokenServiceMock = new Mock<ITokenService>();
            _userServiceMock = new Mock<IUserService>();

            // User service: only _properEmail resolves to a user; _wrongEmail yields null.
            _userServiceMock.Setup(svc => svc.GetIpAddress(It.IsAny<DefaultHttpContext>())).Returns("127.0.0.1");
            _userServiceMock.Setup(svc => svc.FindUserByEmail(_properEmail)).ReturnsAsync(_properUser);
            _userServiceMock.Setup(svc => svc.FindUserByEmail(_wrongEmail)).ReturnsAsync((AppUser)null);
            _userServiceMock.Setup(svc => svc.VerifyUsersPassword(It.IsAny<AppUser>(), It.IsAny<string>())).ReturnsAsync(true);
            _userServiceMock.Setup(svc => svc.GetUserRoleAsync(It.IsAny<AppUser>())).ReturnsAsync("User");
            _userServiceMock.Setup(svc => svc.GetExternalLogin()).ReturnsAsync(_externalLoginInfoInstance);
            _userServiceMock.Setup(svc => svc.CreateUserAsync(It.IsAny<UserRegisterViewModel>())).ReturnsAsync(true);

            // Token service: every refresh token verifies, every generation returns the canned model.
            _tokenServiceMock.Setup(svc => svc.GenerateTokenResponse(It.IsAny<AppUser>(), It.IsAny<string>(), It.IsAny<string>())).Returns(_returnedResponseTokenModel);
            _tokenServiceMock.Setup(svc => svc.VerifyRefreshToken(It.IsAny<string>(), It.IsAny<string>(), It.IsAny<string>())).Returns(true);
            _tokenServiceMock.Setup(svc => svc.RevokeTokens(_properRevokeTokenModel)).Returns(true);

            _controller = new TokenController(_tokenServiceMock.Object, _userServiceMock.Object)
            {
                TempData = seededTempData
            };
        }
示例#3
        /// <summary>
        /// Passes the presented access token and refresh token to the user service and
        /// returns its result.
        /// </summary>
        /// <param name="refresh">Request body holding the current token and its refresh token.</param>
        /// <returns>
        /// 200 with the service response when it reports success, otherwise 400 with the
        /// same response object.
        /// </returns>
        public async Task<IActionResult> Refresh([FromBody] RefreshTokenRequestViewModel refresh)
        {
            var outcome = await _userSerice.RefreshTokenAsync(refresh.Token, refresh.RefreshToken);

            if (outcome.Success)
            {
                return Ok(outcome);
            }

            // The service response is returned as-is on failure.
            // NOTE(review): its fields are not visible here - confirm it carries no detail
            // that should stay server-side.
            return BadRequest(outcome);
        }
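        /// <summary>
        /// A refresh request for an e-mail that resolves to no user must be answered with
        /// HTTP 409 and the "Invalid user details." message.
        /// </summary>
        // NOTE(review): the method is private and no test attribute is visible in this listing;
        // confirm the test runner actually discovers it.
        private async Task RefreshToken_OnUserNotExisting_ReturnsStatusCode409()
        {
            string expectedErrorsResult = "Invalid user details.";
            var model = new RefreshTokenRequestViewModel
            {
                Email = _wrongEmail,
                RefreshToken = _properToken
            };

            IActionResult result = await _controller.RefreshToken(model);

            // Assert on the typed result itself: the previous null check covered `result`, so an
            // unexpected result type surfaced as a NullReferenceException instead of a test failure.
            ObjectResult objectResult = Assert.IsType<ObjectResult>(result);

            Assert.Equal(StatusCodes.Status409Conflict, objectResult.StatusCode);
            Assert.Equal(expectedErrorsResult, objectResult.Value);
        }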