public IActionResult RefreshToken([FromBody] TokenRefresh token) { // Check if token exists var dbToken = _token.GetToken(token.Token).FirstOrDefault(); if (dbToken == null) { return(new UnauthorizedResult()); } throw new NotImplementedException(); }
public async Task <Result <UserWithToken> > ExchangeRefreshToken(TokenRefresh request, CancellationToken cancellationToken = default) { var cp = _tokenValidator.GetPrincipalFromToken(request.AccessToken, _tokenSecret.SecretString); if (cp != null) { var userId = cp.Claims.First(c => c.Type == "id"); var isRemovedRefreshToken = await _userService.DeleteRefreshTokenAsync(request.RefreshToken, userId.Value, cancellationToken); // delete the token we've exchanged if (isRemovedRefreshToken.IsSuccess) { var user = await _userManager.FindByIdAsync(userId.Value); if (user == null) { return(Result <UserWithToken> .Quite <UserWithToken>(ExceptionConstants.USER_DOES_NOT_EXISTS)); } var profile = await _userService.GetUserByIdFromIdentityAsync(user.Id, cancellationToken); var token = await GenerateToken(user); if (profile.IsError || string.IsNullOrEmpty(token.Data)) { return(Result <UserWithToken> .Fail <UserWithToken>(profile.Message + NotificationConstans.TOKEN_IS_NULL)); } UserWithToken result = new UserWithToken() { UserView = profile.Data, UserToken = token.Data, RefreshToken = GenerateRefreshToken(), ExpiresIn = NumberСonstants.REFRESH }; var isRefreshToketAdded = await _userService.AddRefreshTokenAsync(result.RefreshToken, profile.Data.UserDTO.IdFromIdentity); // add the new one if (isRefreshToketAdded.IsError) { return(Result <UserWithToken> .Fail <UserWithToken>(isRefreshToketAdded.Message)); } return(Result <UserWithToken> .Ok(result)); } return(Result <UserWithToken> .Fail <UserWithToken>(isRemovedRefreshToken.Message)); } return(Result <UserWithToken> .Quite <UserWithToken>(ExceptionConstants.CLAIM_PRINCIPAL_ERROR)); }
public static async Task RefreshToken(TokenRefresh data) { await DataBaseHelper.Instance.ExecuteNonQuery(StoredProcedure.TOKEN_REFRESH, delegate(SqlCommand cmd) { if (data.LoginToken.Contains('-')) { cmd.Parameters.AddWithValue("@LoginToken", data.LoginToken); } else { cmd.Parameters.AddWithValue("@UserId", data.LoginToken.ToFlatString().Split(',')[1]); } cmd.Parameters.AddWithValue("@NotificationToken", data.NotificationToken); }); }
/// <summary> /// Returns true if OrgApacheJackrabbitOakSecurityAuthenticationTokenTokenConfiguraProperties instances are equal /// </summary> /// <param name="other">Instance of OrgApacheJackrabbitOakSecurityAuthenticationTokenTokenConfiguraProperties to be compared</param> /// <returns>Boolean</returns> public bool Equals(OrgApacheJackrabbitOakSecurityAuthenticationTokenTokenConfiguraProperties other) { if (other is null) { return(false); } if (ReferenceEquals(this, other)) { return(true); } return (( TokenExpiration == other.TokenExpiration || TokenExpiration != null && TokenExpiration.Equals(other.TokenExpiration) ) && ( TokenLength == other.TokenLength || TokenLength != null && TokenLength.Equals(other.TokenLength) ) && ( TokenRefresh == other.TokenRefresh || TokenRefresh != null && TokenRefresh.Equals(other.TokenRefresh) ) && ( TokenCleanupThreshold == other.TokenCleanupThreshold || TokenCleanupThreshold != null && TokenCleanupThreshold.Equals(other.TokenCleanupThreshold) ) && ( PasswordHashAlgorithm == other.PasswordHashAlgorithm || PasswordHashAlgorithm != null && PasswordHashAlgorithm.Equals(other.PasswordHashAlgorithm) ) && ( PasswordHashIterations == other.PasswordHashIterations || PasswordHashIterations != null && PasswordHashIterations.Equals(other.PasswordHashIterations) ) && ( PasswordSaltSize == other.PasswordSaltSize || PasswordSaltSize != null && PasswordSaltSize.Equals(other.PasswordSaltSize) )); }
public async Task <IActionResult> RefreshToken([FromBody] TokenRefresh request, CancellationToken cancellationToken = default(CancellationToken)) { try { var result = await _identityService.ExchangeRefreshToken(request, cancellationToken); return(result.IsError ? throw new InvalidOperationException(result.Message) : result.IsSuccess ? (IActionResult)Ok(result.Data) : StatusCode(StatusCodes.Status206PartialContent, result.Message.CollectProblemDetailsPartialContent(HttpContext))); } catch (InvalidOperationException ex) { Log.Error(ex, ex.Message); return(StatusCode(StatusCodes.Status500InternalServerError, new CustumResult() { Status = StatusCodes.Status500InternalServerError, Message = ex.Message })); } }
public async Task <TokenRefresh> GenerateRefreshToken(string ipAddress, Guid userId) { using (var rngCryptoServiceProvider = new RNGCryptoServiceProvider()) { var randomBytes = new byte[64]; rngCryptoServiceProvider.GetBytes(randomBytes); var token = new TokenRefresh { Token = Convert.ToBase64String(randomBytes), Expires = DateTime.UtcNow.AddDays(7), CreatedDate = DateTime.UtcNow, CreatedByIp = ipAddress, CreatorId = userId }; await _tokenRefreshRepository.AddAsync(token); return(token); } }
/// <summary> /// Gets the hash code /// </summary> /// <returns>Hash code</returns> public override int GetHashCode() { unchecked // Overflow is fine, just wrap { var hashCode = 41; // Suitable nullity checks etc, of course :) if (TokenExpiration != null) { hashCode = hashCode * 59 + TokenExpiration.GetHashCode(); } if (TokenLength != null) { hashCode = hashCode * 59 + TokenLength.GetHashCode(); } if (TokenRefresh != null) { hashCode = hashCode * 59 + TokenRefresh.GetHashCode(); } if (TokenCleanupThreshold != null) { hashCode = hashCode * 59 + TokenCleanupThreshold.GetHashCode(); } if (PasswordHashAlgorithm != null) { hashCode = hashCode * 59 + PasswordHashAlgorithm.GetHashCode(); } if (PasswordHashIterations != null) { hashCode = hashCode * 59 + PasswordHashIterations.GetHashCode(); } if (PasswordSaltSize != null) { hashCode = hashCode * 59 + PasswordSaltSize.GetHashCode(); } return(hashCode); } }
public async Task <TokenRefresh> RefreshTokenAsync(RefreshToken refreshtoken) { LoginInfo loginInfo = new LoginInfo(); loginInfo.UserName = _ctx.HttpContext.User.Claims.FirstOrDefault(claim => claim.Type == ClaimTypes.Name).Value; string rolestr = _ctx.HttpContext.User.Claims.FirstOrDefault(claim => claim.Type == ClaimTypes.Role).Value; string oldtoken = _ctx.HttpContext.Request.Headers["Authorization"].ToString().Remove(0, 7); LoggerClassLib.ActivityLog <string> .Logger("RefreshToken Request", JsonConvert.SerializeObject(refreshtoken)); LoggerClassLib.ActivityLog <string> .Logger("oldtoken", oldtoken); loginInfo.RoleMap = JsonConvert.DeserializeObject <List <RoleMap> >(rolestr); var resp = await _appPermissions.CheckValidRefreshTokenAsync(refreshtoken.token, oldtoken); if (!resp) { throw new BadRequestException(new GeneralResponse { code = "400", message = "Invalid RefreshToken/Token" }); } loginInfo = await GetTokenAsync(loginInfo, appID); await _appPermissions.DeleteRefreshTokenAsync(refreshtoken.token, oldtoken); TokenRefresh tokenRefresh = new TokenRefresh { Token = loginInfo.Token, RefreshToken = loginInfo.RefreshToken }; LoggerClassLib.ActivityLog <string> .Logger("RefreshToken Response", JsonConvert.SerializeObject(tokenRefresh), appID); return(tokenRefresh); }
public async Task <TokenRefresh> UpdateRefreshToken(string ipAddress, TokenRefresh oldTokenRefresh) { using (var rngCryptoServiceProvider = new RNGCryptoServiceProvider()) { var randomBytes = new byte[64]; rngCryptoServiceProvider.GetBytes(randomBytes); var token = new TokenRefresh { Token = Convert.ToBase64String(randomBytes), Expires = DateTime.UtcNow.AddDays(7), CreatedDate = DateTime.UtcNow, CreatedByIp = ipAddress, CreatorId = oldTokenRefresh.CreatorId }; await _tokenRefreshRepository.AddAsync(token); oldTokenRefresh.Revoked = DateTime.Now; oldTokenRefresh.RevokedByIp = ipAddress; oldTokenRefresh.ReplacedByToken = token.Token; await _tokenRefreshRepository.UpdateAsync(oldTokenRefresh.Id, oldTokenRefresh); return(token); } }
private async Task RefreshToken() { if (TokenResult == null || string.IsNullOrEmpty(TokenResult.RefreshToken) || !TokenResult.TokenNeedsRefresh()) { return; } var refresh = new TokenRefresh(_credentials.ClientId, TokenResult.RefreshToken, _credentials.ClientSecret); var requestMsg = await GetHttpResponse <TokenResult>(HttpMethod.Post, "oauth/token", JsonConvert.SerializeObject(refresh)); var tokenMsg = await requestMsg.Content.ReadAsStringAsync(); var result = JsonConvert.DeserializeObject <TokenResult>(tokenMsg); if (!string.IsNullOrEmpty(result.RefreshToken)) { TokenResult.RefreshToken = result.RefreshToken; } TokenResult.ExpiresIn = result.ExpiresIn; TokenResult.IssueTime = DateTimeOffset.UtcNow; TokenResult.AccessToken = result.AccessToken; }
public void InsertToken(TokenRefresh data) { FDIDB.TokenRefreshes.Add(data); }
public void DeleteTokenRefresh(TokenRefresh token) { FDIDB.Entry(token).State = System.Data.Entity.EntityState.Deleted; }
public async Task <IActionResult> RefreshToken(TokenRefresh tokenRefresh) { var result = await tokenService.RefreshTokenAsync(tokenRefresh.RefreshToken, tokenRefresh.AccessToken); return(this.FromResult(result)); }
public Task <IActionResult> RefreshTokenAsync([FromBody] TokenRefresh tokenRefresh) { // TODO: implement token refresh return(Task.FromResult((IActionResult)Unauthorized())); }