/// <summary>
        /// Logs the caller out by asking the refresh-token helper to remove the refresh token
        /// described by the posted token set.
        /// </summary>
        /// <param name="tokensAuthenticationModel">Token set from the request body; its access token may already be expired.</param>
        /// <returns>An empty 200 OK result once the removal call has completed.</returns>
        public async Task<IActionResult> Logout([FromBody] TokensAuthenticationModel tokensAuthenticationModel)
        {
            // The user name is recovered from the access token in the request body, then handed
            // to the helper together with the authenticated principal of this request.
            // NOTE(review): presumably GetUserNameFromExpiredToken still verifies the token's
            // signature and only skips the lifetime check; confirm, since this value is client-supplied.
            var tokenUserName = _tokenHelper.GetUserNameFromExpiredToken(tokensAuthenticationModel.AccessToken);

            await _refreshTokenHelper.Remove(tokensAuthenticationModel, tokenUserName, User);

            return Ok();
        }
        /// <summary>
        /// Generates an access token for <paramref name="userName"/> and stores it on the model.
        /// </summary>
        /// <param name="tokensAuthenticationModel">Model whose <c>AccessToken</c> is overwritten.</param>
        /// <param name="userName">User the token is generated for.</param>
        /// <param name="tokenHelper">Helper that produces the token.</param>
        /// <returns>The same model instance, to allow chaining.</returns>
        public static async Task<TokensAuthenticationModel> AddAccessToken(
            this TokensAuthenticationModel tokensAuthenticationModel, string userName, TokenHelper tokenHelper)
        {
            // No credential or refresh-token check happens in this overload; the caller is
            // responsible for having established that userName is entitled to a token.
            var issuedToken = await tokenHelper.GenerateToken(userName);
            tokensAuthenticationModel.AccessToken = issuedToken;

            return tokensAuthenticationModel;
        }
        /// <summary>
        /// Removes the stored refresh token for the login provider named in the request,
        /// after <c>GetUserByValidToken</c> has resolved the user for the supplied token.
        /// </summary>
        /// <param name="tokensAuthenticationModel">Request token set; supplies the login provider.</param>
        /// <param name="userName">Name of the user that owns the token.</param>
        /// <returns>The <see cref="IdentityResult"/> reported by the user manager.</returns>
        public async Task<IdentityResult> RemoveRefreshToken(TokensAuthenticationModel tokensAuthenticationModel,
                                                             string userName)
        {
            // Resolve the owner first; that call throws when the presented token does not match.
            var tokenOwner = await GetUserByValidToken(tokensAuthenticationModel, userName);
            var provider = tokensAuthenticationModel.LoginProvider;

            var removal = await _userManager.RemoveAuthenticationTokenAsync(
                tokenOwner, provider, UserIdentityConstants.TokenName);

            return removal;
        }
        /// <summary>
        /// Rotates the refresh token: generates a new value, asks the user service to store it
        /// in place of the one in the request, and returns the new value.
        /// </summary>
        /// <param name="tokensAuthenticationModel">Request token set carrying the current refresh token.</param>
        /// <param name="userName">Name of the user whose token is rotated.</param>
        /// <returns>The newly generated refresh token.</returns>
        public async Task<string> Update(TokensAuthenticationModel tokensAuthenticationModel, string userName)
        {
            var freshToken = Generate();

            // ValidateResult inspects the store outcome before the new token is handed back.
            var storeResult = await _userService.UpdateRefreshToken(tokensAuthenticationModel, userName, freshToken);
            ValidateResult(storeResult);

            return freshToken;
        }
        /// <summary>
        /// Replaces the model's refresh token with the value returned by
        /// <c>refreshTokenHelper.Update</c>.
        /// </summary>
        /// <param name="tokensAuthenticationModel">Model carrying the current refresh token; its <c>RefreshToken</c> is overwritten.</param>
        /// <param name="userName">Name of the user the token belongs to.</param>
        /// <param name="refreshTokenHelper">Helper that performs the rotation.</param>
        /// <returns>The same model instance, to allow chaining.</returns>
        public static async Task<TokensAuthenticationModel> UpdateRefreshToken(
            this TokensAuthenticationModel tokensAuthenticationModel,
            string userName,
            RefreshTokenHelper refreshTokenHelper)
        {
            // The helper receives the model while it still holds the old refresh token.
            var rotatedToken = await refreshTokenHelper.Update(tokensAuthenticationModel, userName);
            tokensAuthenticationModel.RefreshToken = rotatedToken;

            return tokensAuthenticationModel;
        }
        /// <summary>
        /// Generates an access token from a user name and password pair and stores it on the model.
        /// </summary>
        /// <param name="tokensAuthenticationModel">Model whose <c>AccessToken</c> is overwritten.</param>
        /// <param name="credentials">User name and password passed to the token helper.</param>
        /// <param name="tokenHelper">Helper that produces the token.</param>
        /// <returns>The same model instance, to allow chaining.</returns>
        public static async Task<TokensAuthenticationModel> AddAccessToken(this TokensAuthenticationModel tokensAuthenticationModel,
                                                                           CredentialsModel credentials,
                                                                           TokenHelper tokenHelper)
        {
            // NOTE(review): the password check is presumably done inside GenerateToken; confirm,
            // because nothing in this method verifies the credentials itself.
            var issuedToken = await tokenHelper.GenerateToken(credentials.UserName, credentials.Password);
            tokensAuthenticationModel.AccessToken = issuedToken;

            return tokensAuthenticationModel;
        }
        /// <summary>
        /// Removes a user's refresh token, but only when the user name taken from the token
        /// matches the logged-in user name of the authenticated principal.
        /// </summary>
        /// <param name="tokensAuthenticationModel">Request token set identifying the refresh token.</param>
        /// <param name="userName">User name claimed by the request; may be null.</param>
        /// <param name="principal">Authenticated principal of the current request.</param>
        /// <exception cref="ForbiddenException">
        /// <paramref name="userName"/> is null or differs from the principal's user name.
        /// </exception>
        public async Task Remove(TokensAuthenticationModel tokensAuthenticationModel, string userName, ClaimsPrincipal principal)
        {
            // Ownership check: a caller may only revoke a token issued to themselves.
            var callerOwnsToken = userName != null && userName == principal.GetLoggedInUserName();
            if (!callerOwnsToken)
            {
                throw new ForbiddenException(ExceptionMessages.ForbiddenException);
            }

            var removal = await _userService.RemoveRefreshToken(tokensAuthenticationModel, userName);
            ValidateResult(removal);
        }
        /// <summary>
        /// Exchanges an expired access token plus refresh token for a new pair.
        /// </summary>
        /// <param name="tokensAuthenticationModel">Token set from the request body.</param>
        /// <returns>200 OK carrying the model with its access and refresh tokens replaced.</returns>
        public async Task<IActionResult> RefreshToken([FromBody] TokensAuthenticationModel tokensAuthenticationModel)
        {
            // NOTE(review): presumably GetUserNameFromExpiredToken verifies the signature and only
            // ignores expiry; confirm, since the user name drives everything below.
            var userName = _tokenHelper.GetUserNameFromExpiredToken(tokensAuthenticationModel.AccessToken);

            // NOTE(review): the new access token is generated before UpdateRefreshToken runs. If the
            // refresh-token check lives behind UpdateRefreshToken, a failure there throws before anything
            // is returned, but checking the refresh token first would avoid minting a token for an
            // unverified request. Confirm and consider reordering.
            var withAccessToken = await tokensAuthenticationModel.AddAccessToken(userName, _tokenHelper);
            var response = await withAccessToken.UpdateRefreshToken(userName, _refreshTokenHelper);

            return Ok(response);
        }
        /// <summary>
        /// Assigns a fresh login-provider id to the model and stores the refresh token that
        /// <c>refreshTokenHelper.Add</c> returns for that id.
        /// </summary>
        /// <param name="tokensAuthenticationModel">Model whose <c>LoginProvider</c> and <c>RefreshToken</c> are set.</param>
        /// <param name="userName">Name of the user the refresh token is created for.</param>
        /// <param name="refreshTokenHelper">Helper that creates the refresh token.</param>
        /// <returns>The same model instance, to allow chaining.</returns>
        public static async Task<TokensAuthenticationModel> AddRefreshTokenFields(
            this TokensAuthenticationModel tokensAuthenticationModel,
            string userName,
            RefreshTokenHelper refreshTokenHelper)
        {
            // NOTE(review): the GUID is a per-login identifier, not a secret. The refresh token's
            // unpredictability depends entirely on refreshTokenHelper.Add; confirm it draws from a
            // cryptographic random source.
            var providerId = Guid.NewGuid().ToString();
            tokensAuthenticationModel.LoginProvider = providerId;

            var refreshToken = await refreshTokenHelper.Add(userName, providerId);
            tokensAuthenticationModel.RefreshToken = refreshToken;

            return tokensAuthenticationModel;
        }
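        /// <summary>
        /// Loads the user named <paramref name="userName"/> and confirms that the refresh token in
        /// the request equals the one stored for the request's login provider.
        /// </summary>
        /// <param name="tokensAuthenticationModel">Request token set supplying the login provider and refresh token.</param>
        /// <param name="userName">Name of the user the token is expected to belong to.</param>
        /// <returns>The user, once the presented refresh token has been matched against the stored one.</returns>
        /// <exception cref="UnauthorizedAccessException">
        /// The request carries no refresh token or login provider, the user is unknown, no token is
        /// stored for that provider, or the stored and presented tokens differ.
        /// </exception>
        private async Task<User> GetUserByValidToken(TokensAuthenticationModel tokensAuthenticationModel,
                                                     string userName)
        {
            // A request that presents no token, provider or user name can never be valid.
            // Reject it before touching the store.
            if (tokensAuthenticationModel == null ||
                string.IsNullOrEmpty(userName) ||
                string.IsNullOrEmpty(tokensAuthenticationModel.LoginProvider) ||
                string.IsNullOrEmpty(tokensAuthenticationModel.RefreshToken))
            {
                throw new UnauthorizedAccessException();
            }

            var user = await _userManager.FindByNameAsync(userName);

            if (user == null)
            {
                // Same exception as a wrong token, so the response does not reveal whether the user exists.
                throw new UnauthorizedAccessException();
            }

            var existingToken = await _userManager.GetAuthenticationTokenAsync(user,
                                                                               tokensAuthenticationModel.LoginProvider, UserIdentityConstants.TokenName);

            // When nothing is stored for this provider the lookup yields null. With a plain
            // inequality test, a request that also omits its refresh token compared null to null
            // and was accepted. Require a stored token explicitly.
            // NOTE(review): this is an ordinary ordinal comparison; consider a constant-time
            // comparison if the target framework provides one.
            if (string.IsNullOrEmpty(existingToken) ||
                !string.Equals(existingToken, tokensAuthenticationModel.RefreshToken, StringComparison.Ordinal))
            {
                throw new UnauthorizedAccessException();
            }

            return user;
        }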