public IActionResult refreshToken(String refreshToken) { string login = _service.GetRefreshTokenOwner(refreshToken); if (login == null) { return(BadRequest("Wrong refresh token was passed")); } var claims = new[] { new Claim(ClaimTypes.Name, login), new Claim(ClaimTypes.Role, "Employee") }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["SecretKey"])); var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( issuer: "Gakko", audience: "Employee", claims: claims, expires: DateTime.Now.AddMinutes(10), signingCredentials: credentials ); return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token) })); }