public virtual async Task <JwtSignInResult> RefreshTokenAsync(string refreshToken) { var result = _tokenFactoryService.ValidateAndGetRefreshTokenUserIdAndSecurity(refreshToken); if (result.UserId == null || result.SecurityStamp == null) { return(JwtSignInResult.Failed("invalid token")); } var user = await UserManager.FindByIdAsync(result.UserId); if (user == null || !await ValidateSecurityStampAsync(user, result.SecurityStamp)) { return(JwtSignInResult.Failed("token expired")); } IList <Claim> additionalClaims; if (!string.IsNullOrEmpty(result.AmrCliam)) { additionalClaims = new List <Claim>(); additionalClaims.Add(new Claim("amr", result.AmrCliam)); } else { additionalClaims = Array.Empty <Claim>(); } var tokens = await SignInWithClaimsAsync(user, additionalClaims); return(JwtSignInResult.Success(tokens)); }