public IActionResult RefreshToken([FromBody] TokenRefresh token)
{
// Check if token exists
var dbToken = _token.GetToken(token.Token).FirstOrDefault();
if (dbToken == null)
{
return(new UnauthorizedResult());
}
throw new NotImplementedException();
}
public async Task <Result <UserWithToken> > ExchangeRefreshToken(TokenRefresh request, CancellationToken cancellationToken = default)
{
var cp = _tokenValidator.GetPrincipalFromToken(request.AccessToken, _tokenSecret.SecretString);
if (cp != null)
{
var userId = cp.Claims.First(c => c.Type == "id");
var isRemovedRefreshToken = await _userService.DeleteRefreshTokenAsync(request.RefreshToken, userId.Value, cancellationToken); // delete the token we've exchanged
if (isRemovedRefreshToken.IsSuccess)
{
var user = await _userManager.FindByIdAsync(userId.Value);
if (user == null)
{
return(Result <UserWithToken> .Quite <UserWithToken>(ExceptionConstants.USER_DOES_NOT_EXISTS));
}
var profile = await _userService.GetUserByIdFromIdentityAsync(user.Id, cancellationToken);
var token = await GenerateToken(user);
if (profile.IsError || string.IsNullOrEmpty(token.Data))
{
return(Result <UserWithToken> .Fail <UserWithToken>(profile.Message + NotificationConstans.TOKEN_IS_NULL));
}
UserWithToken result = new UserWithToken()
{
UserView = profile.Data,
UserToken = token.Data,
RefreshToken = GenerateRefreshToken(),
ExpiresIn = NumberСonstants.REFRESH
};
var isRefreshToketAdded = await _userService.AddRefreshTokenAsync(result.RefreshToken, profile.Data.UserDTO.IdFromIdentity); // add the new one
if (isRefreshToketAdded.IsError)
{
return(Result <UserWithToken> .Fail <UserWithToken>(isRefreshToketAdded.Message));
}
return(Result <UserWithToken> .Ok(result));
}
return(Result <UserWithToken> .Fail <UserWithToken>(isRemovedRefreshToken.Message));
}
return(Result <UserWithToken> .Quite <UserWithToken>(ExceptionConstants.CLAIM_PRINCIPAL_ERROR));
}
public static async Task RefreshToken(TokenRefresh data)
{
await DataBaseHelper.Instance.ExecuteNonQuery(StoredProcedure.TOKEN_REFRESH, delegate(SqlCommand cmd)
{
if (data.LoginToken.Contains('-'))
{
cmd.Parameters.AddWithValue("@LoginToken", data.LoginToken);
}
else
{
cmd.Parameters.AddWithValue("@UserId", data.LoginToken.ToFlatString().Split(',')[1]);
}
cmd.Parameters.AddWithValue("@NotificationToken", data.NotificationToken);
});
}
/// <summary>
/// Returns true if OrgApacheJackrabbitOakSecurityAuthenticationTokenTokenConfiguraProperties instances are equal
/// </summary>
/// <param name="other">Instance of OrgApacheJackrabbitOakSecurityAuthenticationTokenTokenConfiguraProperties to be compared</param>
/// <returns>Boolean</returns>
public bool Equals(OrgApacheJackrabbitOakSecurityAuthenticationTokenTokenConfiguraProperties other)
{
if (other is null)
{
return(false);
}
if (ReferenceEquals(this, other))
{
return(true);
}
return
((
TokenExpiration == other.TokenExpiration ||
TokenExpiration != null &&
TokenExpiration.Equals(other.TokenExpiration)
) &&
(
TokenLength == other.TokenLength ||
TokenLength != null &&
TokenLength.Equals(other.TokenLength)
) &&
(
TokenRefresh == other.TokenRefresh ||
TokenRefresh != null &&
TokenRefresh.Equals(other.TokenRefresh)
) &&
(
TokenCleanupThreshold == other.TokenCleanupThreshold ||
TokenCleanupThreshold != null &&
TokenCleanupThreshold.Equals(other.TokenCleanupThreshold)
) &&
(
PasswordHashAlgorithm == other.PasswordHashAlgorithm ||
PasswordHashAlgorithm != null &&
PasswordHashAlgorithm.Equals(other.PasswordHashAlgorithm)
) &&
(
PasswordHashIterations == other.PasswordHashIterations ||
PasswordHashIterations != null &&
PasswordHashIterations.Equals(other.PasswordHashIterations)
) &&
(
PasswordSaltSize == other.PasswordSaltSize ||
PasswordSaltSize != null &&
PasswordSaltSize.Equals(other.PasswordSaltSize)
));
}
public async Task <IActionResult> RefreshToken([FromBody] TokenRefresh request, CancellationToken cancellationToken = default(CancellationToken))
{
try
{
var result = await _identityService.ExchangeRefreshToken(request, cancellationToken);
return(result.IsError ? throw new InvalidOperationException(result.Message)
: result.IsSuccess ? (IActionResult)Ok(result.Data)
: StatusCode(StatusCodes.Status206PartialContent, result.Message.CollectProblemDetailsPartialContent(HttpContext)));
}
catch (InvalidOperationException ex)
{
Log.Error(ex, ex.Message);
return(StatusCode(StatusCodes.Status500InternalServerError, new CustumResult()
{
Status = StatusCodes.Status500InternalServerError, Message = ex.Message
}));
}
}
public async Task <TokenRefresh> GenerateRefreshToken(string ipAddress, Guid userId)
{
using (var rngCryptoServiceProvider = new RNGCryptoServiceProvider())
{
var randomBytes = new byte[64];
rngCryptoServiceProvider.GetBytes(randomBytes);
var token = new TokenRefresh
{
Token = Convert.ToBase64String(randomBytes),
Expires = DateTime.UtcNow.AddDays(7),
CreatedDate = DateTime.UtcNow,
CreatedByIp = ipAddress,
CreatorId = userId
};
await _tokenRefreshRepository.AddAsync(token);
return(token);
}
}
/// <summary>
/// Gets the hash code
/// </summary>
/// <returns>Hash code</returns>
public override int GetHashCode()
{
unchecked // Overflow is fine, just wrap
{
var hashCode = 41;
// Suitable nullity checks etc, of course :)
if (TokenExpiration != null)
{
hashCode = hashCode * 59 + TokenExpiration.GetHashCode();
}
if (TokenLength != null)
{
hashCode = hashCode * 59 + TokenLength.GetHashCode();
}
if (TokenRefresh != null)
{
hashCode = hashCode * 59 + TokenRefresh.GetHashCode();
}
if (TokenCleanupThreshold != null)
{
hashCode = hashCode * 59 + TokenCleanupThreshold.GetHashCode();
}
if (PasswordHashAlgorithm != null)
{
hashCode = hashCode * 59 + PasswordHashAlgorithm.GetHashCode();
}
if (PasswordHashIterations != null)
{
hashCode = hashCode * 59 + PasswordHashIterations.GetHashCode();
}
if (PasswordSaltSize != null)
{
hashCode = hashCode * 59 + PasswordSaltSize.GetHashCode();
}
return(hashCode);
}
}
public async Task <TokenRefresh> RefreshTokenAsync(RefreshToken refreshtoken)
{
LoginInfo loginInfo = new LoginInfo();
loginInfo.UserName = _ctx.HttpContext.User.Claims.FirstOrDefault(claim => claim.Type == ClaimTypes.Name).Value;
string rolestr = _ctx.HttpContext.User.Claims.FirstOrDefault(claim => claim.Type == ClaimTypes.Role).Value;
string oldtoken = _ctx.HttpContext.Request.Headers["Authorization"].ToString().Remove(0, 7);
LoggerClassLib.ActivityLog <string> .Logger("RefreshToken Request", JsonConvert.SerializeObject(refreshtoken));
LoggerClassLib.ActivityLog <string> .Logger("oldtoken", oldtoken);
loginInfo.RoleMap = JsonConvert.DeserializeObject <List <RoleMap> >(rolestr);
var resp = await _appPermissions.CheckValidRefreshTokenAsync(refreshtoken.token, oldtoken);
if (!resp)
{
throw new BadRequestException(new GeneralResponse {
code = "400", message = "Invalid RefreshToken/Token"
});
}
loginInfo = await GetTokenAsync(loginInfo, appID);
await _appPermissions.DeleteRefreshTokenAsync(refreshtoken.token, oldtoken);
TokenRefresh tokenRefresh = new TokenRefresh {
Token = loginInfo.Token, RefreshToken = loginInfo.RefreshToken
};
LoggerClassLib.ActivityLog <string> .Logger("RefreshToken Response", JsonConvert.SerializeObject(tokenRefresh), appID);
return(tokenRefresh);
}
public async Task <TokenRefresh> UpdateRefreshToken(string ipAddress, TokenRefresh oldTokenRefresh)
{
using (var rngCryptoServiceProvider = new RNGCryptoServiceProvider())
{
var randomBytes = new byte[64];
rngCryptoServiceProvider.GetBytes(randomBytes);
var token = new TokenRefresh
{
Token = Convert.ToBase64String(randomBytes),
Expires = DateTime.UtcNow.AddDays(7),
CreatedDate = DateTime.UtcNow,
CreatedByIp = ipAddress,
CreatorId = oldTokenRefresh.CreatorId
};
await _tokenRefreshRepository.AddAsync(token);
oldTokenRefresh.Revoked = DateTime.Now;
oldTokenRefresh.RevokedByIp = ipAddress;
oldTokenRefresh.ReplacedByToken = token.Token;
await _tokenRefreshRepository.UpdateAsync(oldTokenRefresh.Id, oldTokenRefresh);
return(token);
}
}
private async Task RefreshToken()
{
if (TokenResult == null || string.IsNullOrEmpty(TokenResult.RefreshToken) ||
!TokenResult.TokenNeedsRefresh())
{
return;
}
var refresh = new TokenRefresh(_credentials.ClientId, TokenResult.RefreshToken, _credentials.ClientSecret);
var requestMsg = await GetHttpResponse <TokenResult>(HttpMethod.Post, "oauth/token", JsonConvert.SerializeObject(refresh));
var tokenMsg = await requestMsg.Content.ReadAsStringAsync();
var result = JsonConvert.DeserializeObject <TokenResult>(tokenMsg);
if (!string.IsNullOrEmpty(result.RefreshToken))
{
TokenResult.RefreshToken = result.RefreshToken;
}
TokenResult.ExpiresIn = result.ExpiresIn;
TokenResult.IssueTime = DateTimeOffset.UtcNow;
TokenResult.AccessToken = result.AccessToken;
}
public void InsertToken(TokenRefresh data)
{
FDIDB.TokenRefreshes.Add(data);
}
public void DeleteTokenRefresh(TokenRefresh token)
{
FDIDB.Entry(token).State = System.Data.Entity.EntityState.Deleted;
}
public async Task <IActionResult> RefreshToken(TokenRefresh tokenRefresh)
{
var result = await tokenService.RefreshTokenAsync(tokenRefresh.RefreshToken, tokenRefresh.AccessToken);
return(this.FromResult(result));
}
public Task <IActionResult> RefreshTokenAsync([FromBody] TokenRefresh tokenRefresh)
{
// TODO: implement token refresh
return(Task.FromResult((IActionResult)Unauthorized()));
}
