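/// <summary>
/// Issues a fresh token response for a caller that presents a refresh token.
/// </summary>
/// <remarks>
/// The refresh token is verified against the supplied e-mail and the IP address reported by
/// <c>_userService.GetIpAddress</c> before the user record is loaded. Both rejection paths
/// answer with HTTP 409; 401 would be the conventional status for a failed credential check,
/// but the status and the message strings are part of the existing contract and are kept.
/// </remarks>
/// <param name="model">Request body carrying the account e-mail and the refresh token.</param>
/// <returns>
/// 400 when no body could be bound; 409 "Please log in again." when the refresh token is rejected
/// (or the caller's IP cannot be determined); 409 "Invalid user details." when no user matches the
/// e-mail; otherwise a JSON token response.
/// </returns>
public async Task<IActionResult> RefreshToken([FromBody] RefreshTokenRequestViewModel model)
{
    // A missing or unparsable body binds to null; reject it instead of dereferencing it.
    if (model == null)
    {
        return BadRequest();
    }

    var reportedIp = _userService.GetIpAddress(HttpContext);

    // NOTE(review): TempData is handed to the TempData provider and can outlive this request;
    // the write is kept only in case another action reads "requestIp" - confirm and remove.
    TempData["requestIp"] = reportedIp;

    // Decisions below use a local copy so they never depend on TempData round-tripping.
    string requestIp = reportedIp?.ToString();

    // Fail closed: without a caller IP the token cannot be checked against its binding,
    // so the request is rejected the same way as a bad refresh token.
    if (requestIp == null
        || !_tokenService.VerifyRefreshToken(model.RefreshToken, model.Email, requestIp))
    {
        return new ObjectResult("Please log in again.") { StatusCode = 409 };
    }

    AppUser user = await _userService.FindUserByEmail(model.Email);
    if (user == null)
    {
        return new ObjectResult("Invalid user details.") { StatusCode = 409 };
    }

    string role = await _userService.GetUserRoleAsync(user);
    return Json(_tokenService.GenerateTokenResponse(user, role, requestIp));
}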
/// <summary>
/// Builds the shared fixture: canned request/response models, mocked token and user
/// services, and a <c>TokenController</c> wired to those mocks with pre-seeded TempData.
/// </summary>
/// <remarks>
/// The token-service mock accepts every refresh token (<c>VerifyRefreshToken</c> always
/// returns true), so tests built on this fixture exercise only the paths after a
/// successful token check unless they override that setup.
/// </remarks>
public TokenControllerTests()
{
    // Ambient principal carrying the e-mail claim; the external login info is derived from it.
    Thread.CurrentPrincipal = new TestPrincipalWrapper(new Claim(ClaimTypes.Email, _properEmail));
    _externalLoginInfoInstance = new ExternalLoginInfo(
        (ClaimsPrincipal)Thread.CurrentPrincipal,
        "Facebook",
        "providers_key",
        "some_display_name");

    // Canned user and request models used as "valid" inputs.
    _properUser = new AppUser { Email = _properEmail };
    _properTokenRequestModel = new TokenRequestViewModel
    {
        Email = _properEmail,
        Password = _properPassword,
    };
    _properRefreshTokenModel = new RefreshTokenRequestViewModel
    {
        Email = _properEmail,
        RefreshToken = _properToken
    };
    _properRevokeTokenModel = new RevokeTokenRequestViewModel
    {
        UserName = _properName,
        Token = _properToken,
        RefreshToken = _properToken
    };

    // Response the mocked token service hands back for any user/role/IP.
    _returnedResponseTokenModel = new TokenResponseViewModel
    {
        DisplayName = "foo1",
        Email = "foo2",
        RefreshToken = "foo3",
        Role = "foo4",
        Token = "foo5",
        User = "******"
    };

    // TempData seeded with the same loopback address the user-service mock reports.
    var httpContext = new DefaultHttpContext();
    var tempData = new TempDataDictionary(httpContext, Mock.Of<ITempDataProvider>())
    {
        { "requestIp", "127.0.0.1" }
    };

    // Token service: issues the canned response, accepts every refresh token,
    // and revokes only the known-good revoke model.
    _tokenServiceMock = new Mock<ITokenService>();
    _tokenServiceMock
        .Setup(mock => mock.GenerateTokenResponse(It.IsAny<AppUser>(), It.IsAny<string>(), It.IsAny<string>()))
        .Returns(_returnedResponseTokenModel);
    _tokenServiceMock
        .Setup(mock => mock.VerifyRefreshToken(It.IsAny<string>(), It.IsAny<string>(), It.IsAny<string>()))
        .Returns(true);
    _tokenServiceMock
        .Setup(mock => mock.RevokeTokens(_properRevokeTokenModel))
        .Returns(true);

    // User service: known e-mail resolves to the canned user, the wrong e-mail to null;
    // password checks and user creation always succeed.
    _userServiceMock = new Mock<IUserService>();
    _userServiceMock
        .Setup(mock => mock.GetIpAddress(It.IsAny<DefaultHttpContext>()))
        .Returns("127.0.0.1");
    _userServiceMock
        .Setup(mock => mock.FindUserByEmail(_properEmail))
        .ReturnsAsync(_properUser);
    _userServiceMock
        .Setup(mock => mock.FindUserByEmail(_wrongEmail))
        .ReturnsAsync((AppUser)null);
    _userServiceMock
        .Setup(mock => mock.VerifyUsersPassword(It.IsAny<AppUser>(), It.IsAny<string>()))
        .ReturnsAsync(true);
    _userServiceMock
        .Setup(mock => mock.GetUserRoleAsync(It.IsAny<AppUser>()))
        .ReturnsAsync("User");
    _userServiceMock
        .Setup(mock => mock.GetExternalLogin())
        .ReturnsAsync(_externalLoginInfoInstance);
    _userServiceMock
        .Setup(mock => mock.CreateUserAsync(It.IsAny<UserRegisterViewModel>()))
        .ReturnsAsync(true);

    _controller = new TokenController(_tokenServiceMock.Object, _userServiceMock.Object)
    {
        TempData = tempData
    };
}
/// <summary>
/// Exchanges a token / refresh-token pair for a new authentication response.
/// </summary>
/// <param name="refresh">Request body carrying the current token and its refresh token.</param>
/// <returns>
/// 200 with the service response when it reports success; otherwise 400 with the same
/// response object.
/// </returns>
public async Task<IActionResult> Refresh([FromBody] RefreshTokenRequestViewModel refresh)
{
    // Validation of the pair is delegated entirely to the user service; nothing is checked here.
    var outcome = await _userSerice.RefreshTokenAsync(refresh.Token, refresh.RefreshToken);

    if (outcome.Success)
    {
        return Ok(outcome);
    }

    // NOTE(review): the failed response is returned to the client as-is - confirm it
    // carries no internal detail about why the token pair was rejected.
    return BadRequest(outcome);
}
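/// <summary>
/// Checks that <c>RefreshToken</c> answers HTTP 409 with "Invalid user details." when the
/// request names an e-mail for which no user exists.
/// </summary>
/// <remarks>
/// Reaching the user lookup requires the refresh-token check to pass first, so this test
/// depends on the token-service mock accepting the token.
/// </remarks>
// NOTE(review): the method is private and no test attribute is visible here - confirm the
// test runner actually discovers it.
private async Task RefreshToken_OnUserNotExisting_ReturnsStatusCode409()
{
    const string expectedErrorsResult = "Invalid user details.";
    var model = new RefreshTokenRequestViewModel
    {
        Email = _wrongEmail,
        RefreshToken = _properToken
    };

    IActionResult result = await _controller.RefreshToken(model);

    Assert.NotNull(result);

    // Assert the result type explicitly: an unchecked "as" cast would surface a wrong
    // result type as a NullReferenceException instead of a readable assertion failure.
    ObjectResult objectResult = Assert.IsAssignableFrom<ObjectResult>(result);
    Assert.Equal(StatusCodes.Status409Conflict, objectResult.StatusCode);
    Assert.Equal(expectedErrorsResult, objectResult.Value);
}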