diff --git a/src/backend/src/FoodDiary.Application/Auth/GetStatus/GetStatusRequestHandler.cs b/src/backend/src/FoodDiary.Application/Auth/GetStatus/GetStatusRequestHandler.cs
index da9bb5a2b..cc2bce669 100644
--- a/src/backend/src/FoodDiary.Application/Auth/GetStatus/GetStatusRequestHandler.cs
+++ b/src/backend/src/FoodDiary.Application/Auth/GetStatus/GetStatusRequestHandler.cs
@@ -46,16 +46,16 @@ public async Task Handle(GetStatusRequest request, Cancellation
 logger.LogInformation("Access token for user {UserEmail} expired. Attempting to refresh token...", userEmail);
- var accessToken = request.AuthResult.Properties.GetTokenValue(Constants.OpenIdConnectParameters.AccessToken);
- var refreshToken = request.AuthResult.Properties.GetTokenValue(Constants.OpenIdConnectParameters.RefreshToken);
+ var existingAccessToken = request.AuthResult.Properties.GetTokenValue(Constants.OpenIdConnectParameters.AccessToken);
+ var existingRefreshToken = request.AuthResult.Properties.GetTokenValue(Constants.OpenIdConnectParameters.RefreshToken);
- if (string.IsNullOrWhiteSpace(accessToken) || string.IsNullOrWhiteSpace(refreshToken))
+ if (string.IsNullOrWhiteSpace(existingAccessToken) || string.IsNullOrWhiteSpace(existingRefreshToken))
 {
 logger.LogInformation("Access and/or refresh tokens for user {UserEmail} were not found", userEmail);
 return await NotAuthenticated();
 }
- var refreshTokenResult = await oAuthClient.RefreshToken(refreshToken, cancellationToken);
+ var refreshTokenResult = await oAuthClient.RefreshToken(existingRefreshToken, cancellationToken);
 if (refreshTokenResult is not RefreshTokenResult.Success refreshTokenResponse)
 {
@@ -75,7 +75,7 @@ public async Task Handle(GetStatusRequest request, Cancellation
 return await NotAuthenticated();
 }
- var tokens = CreateNewTokens(refreshTokenResponse);
+ var tokens = CreateNewTokens(refreshTokenResponse, existingRefreshToken);
 return await AuthenticatedWithNewTokens(request.AuthResult, tokens, userEmail);
 }
@@ -113,7 +113,9 @@ await httpContextAccessor.HttpContext.SignInAsync(
 return new GetStatusResult.Authenticated();
 }
- private IEnumerable CreateNewTokens(RefreshTokenResult.Success refreshTokenResponse)
+ private IEnumerable CreateNewTokens(
+ RefreshTokenResult.Success refreshTokenResponse,
+ string existingRefreshToken)
 {
 var expiresAt = timeProvider.GetUtcNow() + TimeSpan.FromSeconds(refreshTokenResponse.ExpiresIn);
@@ -134,7 +136,7 @@ private IEnumerable CreateNewTokens(RefreshTokenResult.Succ
 new AuthenticationToken
 {
 Name = Constants.OpenIdConnectParameters.RefreshToken,
- Value = refreshTokenResponse.RefreshToken
+ Value = existingRefreshToken
 },
 new AuthenticationToken
diff --git a/src/backend/src/FoodDiary.Application/Auth/GetStatus/IOAuthClient.cs b/src/backend/src/FoodDiary.Application/Auth/GetStatus/IOAuthClient.cs
index 8425514ee..9de06becf 100644
--- a/src/backend/src/FoodDiary.Application/Auth/GetStatus/IOAuthClient.cs
+++ b/src/backend/src/FoodDiary.Application/Auth/GetStatus/IOAuthClient.cs
@@ -15,8 +15,6 @@ public record Success(
 string AccessToken,
 [property: JsonPropertyName("id_token")]
 string IdToken,
- [property: JsonPropertyName("refresh_token")]
- string RefreshToken,
 [property: JsonPropertyName("token_type")]
 string TokenType,
 [property: JsonPropertyName("expires_in")]
@@ -33,7 +31,7 @@ public record Success : GetUserInfoResult;
 public interface IOAuthClient
 {
- Task RefreshToken(string currentRefreshToken, CancellationToken cancellationToken);
+ Task RefreshToken(string refreshToken, CancellationToken cancellationToken);
 Task GetUserInfo(string accessToken, CancellationToken cancellationToken);
 }
\ No newline at end of file
diff --git a/src/backend/src/FoodDiary.Infrastructure/Integrations/Google/GoogleOAuthClient.cs b/src/backend/src/FoodDiary.Infrastructure/Integrations/Google/GoogleOAuthClient.cs
index 9679a8d27..58efcadb2 100644
--- a/src/backend/src/FoodDiary.Infrastructure/Integrations/Google/GoogleOAuthClient.cs
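Review bot: `Value = existingRefreshToken` in CreateNewTokens now always carries the stored refresh token forward, and the IOAuthClient.cs hunk drops `RefreshToken` from `RefreshTokenResult.Success`, so a `refresh_token` returned by the token endpoint is silently discarded. That fits a provider that omits the field on a refresh grant (presumably the Google behaviour this commit targets), but `IOAuthClient` is provider-neutral and RFC 6749 section 6 allows the server to issue a new refresh token that the client must store in place of the old one; with rotation enabled the session cookie would keep a token the server has already invalidated, and reuse detection could revoke the whole grant. Consider keeping the field optional, `[property: JsonPropertyName("refresh_token")] string? RefreshToken,`, and writing `Value = refreshTokenResponse.RefreshToken ?? existingRefreshToken`. If unconditional reuse is intended, a comment on that line such as `// Provider returns no refresh_token on a refresh grant; keep the stored one` would record why, and the component-test stub that removes `refresh_token` could be paired with a case that returns one. CreateNewTokens continues outside the hunk.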
+++ b/src/backend/src/FoodDiary.Infrastructure/Integrations/Google/GoogleOAuthClient.cs
@@ -12,14 +12,14 @@ namespace FoodDiary.Infrastructure.Integrations.Google;
 public class GoogleOAuthClient(HttpClient httpClient, IOptions options) : IOAuthClient
 {
- public async Task RefreshToken(string currentRefreshToken, CancellationToken cancellationToken)
+ public async Task RefreshToken(string refreshToken, CancellationToken cancellationToken)
 {
 var formValues = new List>
 {
 new("grant_type", "refresh_token"),
 new("client_id", options.Value.ClientId),
 new("client_secret", options.Value.ClientSecret),
- new("refresh_token", currentRefreshToken),
+ new("refresh_token", refreshToken),
 new("scope", $"{Constants.AuthenticationScopes.Openid} " +
 $"{Constants.AuthenticationScopes.Profile} " +
 $"{Constants.AuthenticationScopes.Email} " +
diff --git a/src/backend/tests/FoodDiary.ComponentTests/Infrastructure/ExternalServices/GoogleIdentityProvider.cs b/src/backend/tests/FoodDiary.ComponentTests/Infrastructure/ExternalServices/GoogleIdentityProvider.cs
index 59efc817a..8b50966b4 100644
--- a/src/backend/tests/FoodDiary.ComponentTests/Infrastructure/ExternalServices/GoogleIdentityProvider.cs
+++ b/src/backend/tests/FoodDiary.ComponentTests/Infrastructure/ExternalServices/GoogleIdentityProvider.cs
@@ -24,7 +24,6 @@ public Task SetupAccessTokenSuccessfullyRefreshed()
 {
 access_token = "new_fake_access_token",
 expires_in = 3599,
- refresh_token = "new_fake_refresh_token",
 scope = $"{Constants.AuthenticationScopes.Openid} " +
 $"{Constants.AuthenticationScopes.GoogleProfile} " +
 $"{Constants.AuthenticationScopes.GoogleEmail} " +