示例#1
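        /// <summary>
        /// Issues a new refresh token for <paramref name="username"/>: flags the author's
        /// currently active refresh tokens as revoked, stores a new token row with a freshly
        /// generated key and IV, and returns the serialized claims as Base64 text.
        /// </summary>
        /// <param name="username">Username handed to <c>Read</c> to look up the author; also copied into the claims.</param>
        /// <param name="expiryDate">Expiry written to the stored token row and copied into the claims.</param>
        /// <returns>Base64 encoding of the BinaryFormatter-serialized <c>DecodedRefreshTokenClaims</c>.</returns>
        public string EncodeRefreshToken(string username, DateTime expiryDate)
        {
            var author = Read(username);

            // Only rows explicitly flagged IsRevoked == false are picked up here;
            // rows whose flag is null are not touched by the revocation below.
            var previousTokens = _dbContext.RefreshToken
                                 .Where(token => token.AuthorId == author.AuthorId && token.IsRevoked.HasValue && !token.IsRevoked.Value)
                                 .ToList();

            foreach (var token in previousTokens)
            {
                token.IsRevoked = true;
            }

            var refreshToken = new RefreshToken
            {
                AuthorId               = author.AuthorId,
                RefreshTokenExpiryDate = expiryDate,
                InitialVector          = PasswordHelper.GenerateInitialVector(),
                EncryptionKey          = PasswordHelper.GenerateAesKey(),
                // ValidateRefreshToken only accepts rows with IsRevoked.HasValue && !IsRevoked.Value,
                // so the flag is set explicitly rather than left at its null default.
                IsRevoked              = false,
            };
            _dbContext.RefreshToken.Add(refreshToken);

            _dbContext.RefreshToken.UpdateRange(previousTokens);
            // One SaveChanges call persists the revocations and the new row together.
            // RefreshTokenId is read below, so it is presumably store-generated here - confirm against the model.
            _dbContext.SaveChanges();

            var refreshTokenClaims = new DecodedRefreshTokenClaims
            {
                Username   = username,
                ExpiryDate = expiryDate,
                // The secret is the row id encrypted under the per-token key and IV kept in the database.
                Secret     = EncryptionHelper.EncryptBytes(BitConverter.GetBytes(refreshToken.RefreshTokenId), refreshToken.EncryptionKey, refreshToken.InitialVector),
            };

            // The claims are deliberately not written to the console: the serialized claims are the
            // bearer credential, and anything that prints them copies that credential into the logs.

            // NOTE(review): the wire format is a BinaryFormatter payload, which forces the validating
            // side to run BinaryFormatter.Deserialize on client-supplied bytes. Nothing in this method
            // signs or MACs the payload either. Both methods should move together to a data-only,
            // authenticated format; changing only this side would break existing tokens.
            using (var serializerStream = new MemoryStream())
            {
                _binaryFormatter.Serialize(serializerStream, refreshTokenClaims);
                return Convert.ToBase64String(serializerStream.ToArray());
            }
        }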
示例#2
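        /// <summary>
        /// Decodes a Base64 refresh token, checks its expiry, and verifies that the encrypted
        /// secret it carries decrypts to the id of the user's active (non-revoked) token row.
        /// </summary>
        /// <param name="encodedRefreshToken">Base64 text supplied by the caller; treated as untrusted.</param>
        /// <param name="refreshTokenClaims">The deserialized claims; default when the input is empty or not valid Base64.</param>
        /// <param name="author">The owning author, set only when validation succeeds; otherwise null.</param>
        /// <returns>True only when the token is unexpired and its secret matches the active token row.</returns>
        public bool ValidateRefreshToken(string encodedRefreshToken, out DecodedRefreshTokenClaims refreshTokenClaims, out Author author)
        {
            refreshTokenClaims = default(DecodedRefreshTokenClaims);
            author             = null;

            // Empty or malformed input is an invalid token, not an exceptional condition.
            if (string.IsNullOrWhiteSpace(encodedRefreshToken))
            {
                return false;
            }

            byte[] rawToken;
            try
            {
                rawToken = Convert.FromBase64String(encodedRefreshToken);
            }
            catch (FormatException)
            {
                return false;
            }

            using (var deserializerStream = new MemoryStream(rawToken))
            {
                // NOTE(review): BinaryFormatter.Deserialize runs on caller-supplied bytes before any
                // authenticity check. BinaryFormatter is documented as unsafe for untrusted input and
                // cannot be made safe by catching exceptions. Replace the token format with a data-only
                // serializer plus a signature/MAC verified before parsing (EncodeRefreshToken must change
                // with it). Left in place here so already-issued tokens keep working.
                refreshTokenClaims = (DecodedRefreshTokenClaims)_binaryFormatter.Deserialize(deserializerStream);
            }

            // NOTE(review): DateTime.Now is local time; confirm issuers pass a local expiry, or move both sides to UTC.
            var now = DateTime.Now;

            if (refreshTokenClaims.ExpiryDate < now)
            {
                return false;
            }

            var username    = refreshTokenClaims.Username;
            var activeToken = _dbContext.RefreshToken
                              .Include(rt => rt.Author)
                              .Where(rt => rt.Author.Username == username && rt.IsRevoked.HasValue && !rt.IsRevoked.Value)
                              .FirstOrDefault();

            // The null check must come before any member access on activeToken.
            if (activeToken == null)
            {
                return false;
            }

            // The expiry inside the claims travels with the client and is not authenticated in this
            // method, so the expiry stored with the token row is enforced as well.
            if (activeToken.RefreshTokenExpiryDate < now)
            {
                return false;
            }

            // Key, IV, claims and the decrypted id are deliberately not logged: together they are
            // enough to mint a valid secret for this token row.
            var decryptedBytes = EncryptionHelper.DecryptBytes(refreshTokenClaims.Secret, activeToken.EncryptionKey, activeToken.InitialVector);

            // BitConverter.ToInt64 needs at least eight bytes; a shorter result cannot be a valid id.
            if (decryptedBytes == null || decryptedBytes.Length < sizeof(long))
            {
                return false;
            }

            var decryptedSecret = BitConverter.ToInt64(decryptedBytes);

            if (activeToken.RefreshTokenId != decryptedSecret)
            {
                return false;
            }

            // The author is exposed only once the token has been verified.
            author = activeToken.Author;
            return true;
        }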