Beispiel #1
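        /// <summary>
        /// Exchanges an expired JWT plus its refresh token for a new JWT / refresh token pair.
        /// </summary>
        /// <param name="token">The expired JWT; the caller's identity and claims are read from it.</param>
        /// <param name="refreshToken">The refresh token presented by the client.</param>
        /// <returns>A 200 response wrapping a <c>RefreshTokenContract</c> with the new token pair.</returns>
        /// <exception cref="SecurityTokenException">
        /// Thrown when either input is missing, no user name can be read from the token,
        /// no refresh token is stored for that user, or the presented one does not match.
        /// </exception>
        public async Task<IActionResult> RefreshToken(string token, string refreshToken)
        {
            // Reject missing inputs up front. Without this, a null/empty refreshToken would
            // compare equal to a null/empty stored value (user who never logged in, or whose
            // token was revoked by clearing it) and a fresh token pair would be issued.
            if (string.IsNullOrEmpty(token) || string.IsNullOrEmpty(refreshToken))
            {
                throw new SecurityTokenException("Invalid refresh token");
            }

            // NOTE(review): this relies on GetPrincipalFromExpiredToken still verifying the
            // signature, issuer and algorithm and only skipping the lifetime check; confirm
            // in the token service, since the claims below are copied into the new JWT.
            var principal = _jwtTokenService.GetPrincipalFromExpiredToken(token);
            var username  = principal?.Identity?.Name;
            if (string.IsNullOrEmpty(username))
            {
                throw new SecurityTokenException("Invalid refresh token");
            }

            // Retrieve the refresh token currently stored for this user.
            var savedRefreshToken = await _accountFacade.GetRefreshToken(username);
            if (string.IsNullOrEmpty(savedRefreshToken))
            {
                throw new SecurityTokenException("Invalid refresh token");
            }

            // Compare in fixed time so the response latency does not depend on how many
            // leading characters of the presented token happen to be correct.
            var storedBytes    = System.Text.Encoding.UTF8.GetBytes(savedRefreshToken);
            var presentedBytes = System.Text.Encoding.UTF8.GetBytes(refreshToken);
            if (!System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(storedBytes, presentedBytes))
            {
                throw new SecurityTokenException("Invalid refresh token");
            }

            // Rotate: the old refresh token is overwritten, so it cannot be replayed.
            // NOTE(review): the read above and this update are not atomic; two concurrent
            // requests carrying the same refresh token could both pass the check. Confirm
            // whether the data store enforces a compare-and-swap, and whether stored refresh
            // tokens carry an expiry; neither is visible here.
            var newJwtToken     = _jwtTokenService.GenerateToken(principal.Claims.ToList());
            var newRefreshToken = _jwtTokenService.GenerateRefreshToken();
            await _accountFacade.UpdateRefreshToken(username, newRefreshToken);

            var contract = new RefreshTokenContract
            {
                Token        = newJwtToken,
                RefreshToken = newRefreshToken
            };
            var result = LinqExtensions.CreateSuccessResponse<RefreshTokenContract>(contract);

            return Ok(result);
        }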