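/// <summary>
/// Revokes a refresh token: looks up the authorization row whose code equals the
/// URL-decoded token, runs the user and refresh-token handlers, then clears the
/// stored code and saves the change.
/// </summary>
/// <param name="revocationDTO">
/// Request carrying the token to revoke. Its <c>user</c> member is overwritten with
/// the DTO mapped from the stored user before the refresh-token handler runs.
/// </param>
/// <returns><c>TokenConstants.RevokedToken</c> once the change has been saved.</returns>
/// <exception cref="InvalidTokenException">Rethrown unchanged when raised inside this method.</exception>
/// <exception cref="InvalidUserException">
/// Rethrown unchanged when raised inside this method; also thrown when the token is
/// missing, matches no authorization row or no user, or when any other exception occurs.
/// </exception>
public string TokenRevocation(RevocationDTO revocationDTO)
{
    try
    {
        // NOTE(review): neither validation result is inspected, so a request that
        // fails validation still continues unless Validate itself throws.
        ValidationResult results1 = userloginvalidation.Validate(revocationDTO.user);
        ValidationResult results2 = refreshvalidation.Validate(revocationDTO.refresh);

        string refresh_token = HttpUtility.UrlDecode(revocationDTO.token);

        // Revocation writes null into Authorize.Code (see below). A request without a
        // token must therefore never reach the lookup: depending on how the query
        // provider translates a comparison with null, it could match a row that was
        // already revoked.
        Authorize authorize = string.IsNullOrEmpty(refresh_token)
            ? null
            : oauth.Authorize.SingleOrDefault(x => x.Code == refresh_token);

        // Only query the user once an authorization row is known; previously a missing
        // row surfaced as a null dereference that the generic catch converted.
        User user = authorize == null
            ? null
            : oauth.User.Where(x => x.UserId == authorize.UserId).FirstOrDefault();

        if (user == null)
        {
            // Same exception and same log call the generic catch used for these cases,
            // so callers and log-based alerting see no change in type or message.
            var rejected = new InvalidUserException(TokenConstants.InvalidUser);
            Log.Log.Error(rejected, TokenConstants.InvalidUser);
            throw rejected;
        }

        UserDTO userLoginDTO = mapper.Map<UserDTO>(user);

        // Check user is authenticated.
        // NOTE(review): the DTO handed to the handler is mapped from the stored user;
        // the caller-supplied revocationDTO.user is replaced right after and is never
        // compared here. Confirm the handlers really authenticate the caller.
        var handler = new UserAuthenticationHandler();
        handler.Handle(userLoginDTO);
        revocationDTO.user = userLoginDTO;

        // Check refresh token provided is real.
        var refreshhandler = new RefreshTokenAuthenticationHandler();
        refreshhandler.Handle(revocationDTO);

        // Set the refresh token to null so it can no longer be looked up.
        authorize.Code = null;
        oauth.SaveChanges();

        return TokenConstants.RevokedToken;
    }
    catch (InvalidTokenException)
    {
        throw;
    }
    catch (InvalidUserException)
    {
        throw;
    }
    catch (Exception ex)
    {
        // Every other failure is logged and reported to the caller as an invalid user.
        Log.Log.Error(ex, TokenConstants.InvalidUser);
        throw new InvalidUserException(TokenConstants.InvalidUser);
    }
}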
/// <summary>
/// Looks up the stored user by the supplied user name, maps it to a DTO, copies the
/// supplied password onto that DTO and passes it to the user authentication handler.
/// </summary>
/// <param name="userLogin">Credentials supplied by the caller (user name and password).</param>
/// <returns>The mapped DTO with <c>IsAuthenticated</c> set to <c>true</c>.</returns>
public UserDTO Login(UserDTO userLogin)
{
    // NOTE(review): the validation result is never inspected; invalid input only
    // stops here if Validate itself throws.
    ValidationResult validation = userloginvalidation.Validate(userLogin);

    User account = oauth.User.FirstOrDefault(x => x.UserName == userLogin.UserName);

    // NOTE(review): for an unknown user name `account` is null; if the mapper then
    // returns null, the password assignment below throws NullReferenceException
    // rather than a domain exception. Confirm how callers report that case.
    UserDTO candidate = mapper.Map<UserDTO>(account);
    candidate.password = userLogin.password;

    // The handler receives the stored user's DTO carrying the caller's password.
    new UserAuthenticationHandler().Handle(candidate);

    candidate.IsAuthenticated = true;
    return candidate;
}