private async Task<SuccessfulTokenResponse> CreateTokenIdResponse(AuthorizationCode authCode)
{
var tokenLifeTime = authCode.Client.IdentityTokenLifetime;
var jti = Guid.NewGuid().ToString().ToSha256String();
var exp = DateTimeOffsetHelper.NewExpirationDate(tokenLifeTime).ToString();
var accessToken = authCode.SubjectId.ToSha256String();
var payload = new Dictionary<string, object>
{
["iss"] = _context.OwinConext.Request.PathBase.Value,
["sub"] = authCode.SubjectId,
["aud"] = _context.OwinConext.Request.PathBase.Value + RequestRoutes.TokenEndPoint.Value,
["jti"] = jti,
["exp"] = exp,
["iat"] = DateTimeOffsetHelper.NewExpirationDate(0),
["nonce"] = authCode.Nonce,
["at_hash"] = accessToken
};
var token = JWT.JsonWebToken.Encode(payload,
authCode.Client.ClientSecrets[0],
JWT.JwtHashAlgorithm.HS256);
var key = (Guid.NewGuid().ToString("n") +
Guid.NewGuid().ToString("n")).ToSha256String();
var value = new RefreshToken
{
SubjectId = authCode.SubjectId,
ClientId = authCode.ClientId,
Client = authCode.Client
};
await _refreshTokenStorage.StoreAsync(key, value);
return new SuccessfulTokenResponse
{
access_token = accessToken,
expires_in = exp,
refresh_token = key,
id_token = token
};
}
private async Task<SuccessfulAuthenticationResponse> CreateAuthenticationCode()
{
var authCode = (
Guid.NewGuid().ToString("n") +
Guid.NewGuid().ToString("n")).ToSha256String();
var code = new AuthorizationCode
{
Client = Context.CurrentClient,
IsOpenId = Context.AuthenticationRequest.scope.Contains("openid"),
Nonce = Context.AuthenticationRequest.nonce,
RedirectUri = Context.AuthenticationRequest.redirect_uri,
SubjectId = Context.SubjectId
};
await _authorizationCodestorage.StoreAsync(authCode, code);
return new SuccessfulAuthenticationResponse(authCode,
Context.AuthenticationRequest.state);
}
public Task StoreAsync(string key, AuthorizationCode value)
{
_repository[key] = value;
return Task.FromResult<object>(null);
}
