示例#1
0
 protected override bool ValidateToken(LoginToken token) => base.ValidateToken(token) && !string.IsNullOrWhiteSpace(token?.RefreshToken);
示例#2
0
        protected override async Task <IDictionary <string, string> > GetRequestParameters(LoginToken token)
        {
            var details = await _userLoginCommand.RetrieveAsync();

            if (details.Cancelled)
            {
                throw new HttpSecurityException("The login process has been cancelled.");
            }

            var builder = _requestBuilder
                          .SetCredendials(details.Username, details.Password);

            if (details.Additional.TryGetValue(SecurityTokenConstants.Scopes, out object scopesObject) && scopesObject is IEnumerable <string> scopes)
            {
                builder.AddScopes(scopes);
            }

            builder.SetClientId(token.ClientId)
            .SetClientSecret(token.ClientSecret);

            return(builder.Build());
        }
示例#3
0
        protected override async Task OnHandleRequestAsync(HttpRequestMessage message, LoginToken token)
        {
            if (!_configuration.TryGet(SecurityTokenConstants.ApiConfiguration, out ApiConfiguration configuration))
            {
                throw new InvalidOperationException("There is no api configuration configured. Please ensure that it has been added to the security configuration.");
            }

            var parameters = await GetRequestParameters(token);

            var request = new ApiCommandRequest(configuration.TokenEndpoint, parameters);

            var response = await _apiCommand.ExecuteAsync(request);

            var newToken = await response.TryGetContent <LoginToken>();

            _configuration.Update(SecurityTokenConstants.LoginToken, newToken);

            message.Headers.Authorization = new AuthenticationHeaderValue(SecurityTokenConstants.JwtAuthHeader, newToken.AccessToken);
        }
示例#4
0
 protected abstract Task <IDictionary <string, string> > GetRequestParameters(LoginToken token);
示例#5
0
 protected virtual bool ValidateToken(LoginToken token) => token != null && !_validator.ReadJwtToken(token.AccessToken).HasExpired();
示例#6
0
 protected abstract Task OnHandleRequestAsync(HttpRequestMessage message, LoginToken token);