public ClaimsPrincipal GetPrincipalFromExpiredToken(string token)
        {
            var            hmacKey  = AESServices.UserHmacKey(Constants.UserNumber, 3);
            var            jwtToken = JWTToken.ParseJwtToken(token.AESStringDecryption(Constants.UserNumber), ref hmacKey);
            ClaimsIdentity id       = new ClaimsIdentity(jwtToken.Claims, JWTToken.JWT_ID);

            id.BootstrapContext = jwtToken;
            ClaimsPrincipal principal = new ClaimsPrincipal(id);

            return(principal);
        }
        public WebApiToken GenerateJWT(Users user)
        {
            var jwtToken = new JWTToken();

            jwtToken.AddClaim(ClaimTypes.NameIdentifier, "CPOC");
            jwtToken.AddClaim(ClaimTypes.Name, user.EmployeeName);
            jwtToken.AddClaim(ClaimTypes.Email, user.Email);
            jwtToken.Issuer   = Constants.Issuer;
            jwtToken.Audience = Constants.Audience;
            jwtToken.TimeOut  = "10";
            jwtToken.UserRole = user.Role;
            jwtToken.IsAdmin  = user.IsAdmin;
            jwtToken.symmetricSignatureKeyString = AESServices.UserHmacKey(Constants.UserNumber, 3);
            var webApiToken = new WebApiToken();

            webApiToken.accessToken  = jwtToken;
            webApiToken.refreshToken = GenerateRefreshToken();
            return(webApiToken);
        }
        //private readonly AuthenticationHandler _options;
        //public AuthenticationHandler(RequestDelegate next, IOptions<AuthenticationHandler> options)
        //{
        //    this._next = next;
        //    this._options = options.Value;

        //}

        public async Task Invoke(HttpContext context)
        {
            //}
            //public async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request)
            //{
            JWTToken oJwt     = null;
            var      response = new HttpResponseMessage();

            try
            {
                // skip the options requests
                bool listContains = false;
                foreach (KeyValuePair <string, List <string> > item in _public_No_JWT_List)
                {
                    if (context.Request.Path.Value.ToLower().TrimEnd('/').Equals(item.Key.ToLower()))
                    {
                        listContains = item.Value.Contains(context.Request.Method);
                        break;
                    }
                }
                // Determine whether the client is accessing a Public controller, if not check for token
                if ((!listContains))
                {
                    var    headers = context.Request.Headers;
                    string token   = string.Empty;

                    if (headers.ContainsKey(JWTToken.Authorization))
                    {
                        token = headers[JWTToken.Authorization].First();
                    }
                    try
                    {
                        var hmacKey = AESServices.UserHmacKey(Constants.UserNumber, 3);
                        //var hmacKey = AESServices.UserHmacKey(TokenService.userNumber, 3);
                        //var t = token.AESStringDecryption(Constants.UserNumber);
                        oJwt = JWTToken.ParseJwtToken(token.AESStringDecryption(Constants.UserNumber), ref hmacKey);
                        //oJwt = JWTToken.ParseJwtToken(token.AESStringDecryption(TokenService.userNumber), ref hmacKey);

                        // Set Principal and store JWT
                        ClaimsIdentity id = new ClaimsIdentity(oJwt.Claims, JWTToken.JWT_ID);
                        id.BootstrapContext = oJwt;
                        ClaimsPrincipal principal = new ClaimsPrincipal(id);
                        Thread.CurrentPrincipal = new ClaimsPrincipal(id);
                        var x    = id.Claims.Where(x => x.Type == "isad").First();
                        var role = id.Claims.Where(x => x.Type == "role").First();
                        if (x.Value.Contains("False"))
                        {
                            var    routeValue  = context.Request.Path.Value.Split("/").Last();
                            string value       = Permissions.GetPermission(routeValue);
                            var    checkAccess = Bitwise.IsAttributeInCombination(long.Parse(value), long.Parse(role.Value));

                            if (!checkAccess)
                            {
                                throw new Exception("You don't have rights for this method.");
                            }
                        }
                        else
                        {
                            var    routeValue  = context.Request.Path.Value.Split("/").Last();
                            string value       = Permissions.GetPermission(routeValue);
                            var    checkAccess = Bitwise.IsAttributeInCombination(long.Parse(value), long.Parse(role.Value));

                            if (!checkAccess)
                            {
                                throw new Exception("You don't have rights for this method.");
                            }
                        }
                    }
                    catch (Exception ex)
                    {
                        throw new Exception(ex.Message);
                    }
                }
                await _next(context);
            }
            catch (Exception ex)
            {
                HttpResponseMessage exceptionResponse = new HttpResponseMessage(HttpStatusCode.BadRequest);
                context.Response.StatusCode  = Convert.ToInt32(HttpStatusCode.BadRequest);
                context.Response.ContentType = "application/json; charset=utf-8";
                var result = ex.ToString() + "An error occurred processing your authentication.";
                await context.Response.WriteAsync(result);
            }
        }