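        /// <summary>
        /// Exchanges a refresh token for a fresh JWT / refresh-token pair (single-use rotation).
        /// The presented token must exist, be unexpired and unrevoked. The old row is deleted
        /// and a new one is stored, so presenting the same refresh token twice fails with
        /// <c>InvalidRefreshToken</c> on the second attempt.
        /// </summary>
        /// <param name="tokenDto">
        /// Caller-supplied refresh token and device id. This is untrusted request input: the
        /// only field used for authorisation is <c>RefreshToken</c>; <c>DeviceId</c> is NOT trusted
        /// (see the device-binding comment in the body).
        /// </param>
        /// <returns>
        /// A <see cref="LoginResponseDTO"/> with the new auth token and refresh token, or an error
        /// response built from <c>ErrorStrings.InvalidRefreshToken</c>,
        /// <c>ErrorStrings.RefreshTokenExpired</c> or <c>ErrorStrings.TokenAlreadyRevoked</c>.
        /// </returns>
        public async Task<DataTransferObject<LoginResponseDTO>> RefreshToken(AuthStoreDTO tokenDto)
        {
            // Refuse a missing/blank token before touching the store. A blank filter value must
            // never be allowed to degrade into an unfiltered query whose FirstOrDefault() would
            // hand back an arbitrary user's token.
            if (tokenDto == null || string.IsNullOrWhiteSpace(tokenDto.RefreshToken))
            {
                return ErrorResponseHelper.CreateErrorResponse<LoginResponseDTO>(ErrorStrings.InvalidRefreshToken);
            }

            var queryParams = new Dictionary<string, string>
            {
                ["filter.RefreshToken"] = tokenDto.RefreshToken
            };
            var jsonApiRequest = FilterRequest.GetRequest(queryParams);
            var existingToken  = (await _repository.GetAll(jsonApiRequest)).FirstOrDefault();

            if (existingToken == null)
            {
                return ErrorResponseHelper.CreateErrorResponse<LoginResponseDTO>(ErrorStrings.InvalidRefreshToken);
            }
            // Expiry is stored and compared in UTC; RefreshTokenExpiry is an absolute instant.
            if (existingToken.RefreshTokenExpiry <= DateTime.UtcNow)
            {
                return ErrorResponseHelper.CreateErrorResponse<LoginResponseDTO>(ErrorStrings.RefreshTokenExpired);
            }
            if (existingToken.IsRevoked)
            {
                return ErrorResponseHelper.CreateErrorResponse<LoginResponseDTO>(ErrorStrings.TokenAlreadyRevoked);
            }

            // Device binding: the new credentials are bound to the device the refresh token was
            // ISSUED to (the stored row), not to whatever DeviceId the caller puts in the request.
            // Previously the claims identity was built from the stored DeviceId while the JWT and
            // the replacement row used tokenDto.DeviceId, so a refresh token taken from device A
            // could be exchanged for tokens registered against any device B of the caller's choosing.
            // NOTE(review): if clients are expected to echo their DeviceId on refresh, a mismatch
            // between tokenDto.DeviceId and the stored value is a theft signal worth rejecting
            // outright — confirm with the client contract before tightening further.
            var boundDeviceId = existingToken.DeviceId;
            var userName      = existingToken.UserName;

            var identity = await GetClaimsIdentity(userName, boundDeviceId);
            if (identity == null)
            {
                return ErrorResponseHelper.CreateErrorResponse<LoginResponseDTO>(ErrorStrings.InvalidRefreshToken);
            }

            var jwt = await Token.GenerateJwt(identity, _jwtFactory, userName, boundDeviceId, _jwtOptions);

            // The user row is needed to mint the replacement refresh token; treat a vanished
            // account as an invalid token rather than letting GetRefreshToken dereference null.
            var appUser = await userIdentityManager.FindByNameAsync(userName);
            if (appUser == null)
            {
                return ErrorResponseHelper.CreateErrorResponse<LoginResponseDTO>(ErrorStrings.InvalidRefreshToken);
            }

            var refreshToken = GetRefreshToken(appUser);
            // NOTE(review): assumes this config property yields a fresh absolute expiry instant each
            // time it is read (e.g. UtcNow + lifetime), not a value fixed at startup — confirm.
            var refreshTokenExpiry = _refreshTokenConfig.RefreshTokenExpiry;

            jwt.RefreshToken = refreshToken;

            // Rotate: insert the replacement row, then drop the consumed one. Both mutations are
            // flushed by the single SaveContext() below; this is assumed to be one unit of work,
            // otherwise a failure between the two calls could leave two live tokens or none.
            // NOTE(review): the lookup above uses _repository while the insert uses this.Repository —
            // confirm both refer to the same AuthStore store.
            await this.Repository.Create(new AuthStore()
            {
                Token              = jwt.AuthToken,
                RefreshToken       = refreshToken,
                RefreshTokenExpiry = refreshTokenExpiry,
                UserName           = userName,
                DeviceId           = boundDeviceId,
                IsRevoked          = false
            });
            await DeleteAsync(existingToken.Id);
            await SaveContext();

            return new DataTransferObject<LoginResponseDTO>(jwt);
        }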