        /// <summary>
        /// Looks up a stored refresh token by id and decides whether it may be exchanged
        /// for a new access token.
        /// </summary>
        /// <param name="refreshTokenId">Identifier of the refresh token presented by the client.</param>
        /// <param name="accessTokenJti">The <c>jti</c> of the access token the refresh token must be bound to.</param>
        /// <returns>
        /// On success, a result with <c>Success = true</c> together with the stored token.
        /// On failure, the result produced by <c>ValidationFailed</c> and a <c>null</c> token.
        /// </returns>
        /// <remarks>
        /// Checks run in a fixed order: existence, binding to the access token, expiry, then
        /// single-use. This method only reads <c>Used</c>; it does not set it.
        /// NOTE(review): whichever caller marks the token as used should do so atomically with
        /// this check, otherwise two concurrent requests could both pass it. Confirm in the caller.
        /// NOTE(review): each failure has its own message. If the caller returns these to the
        /// client verbatim, they reveal which check failed. Confirm what is exposed.
        /// </remarks>
        private async Task<(AuthenticationResult result, RefreshToken refreshToken)> ValidateRefreshTokenAsync(
            Guid refreshTokenId, Guid accessTokenJti)
        {
            var storedToken = await _refreshTokenRepository.GetRefreshTokenByIdAsync(refreshTokenId);

            // Pick the first failing rule; the order matters because only one reason is reported.
            string failureReason = null;

            if (storedToken == null)
            {
                failureReason = "This refresh token doesn't exist";
            }
            else if (storedToken.AccessTokenJti != accessTokenJti)
            {
                // The refresh token is bound to one access token; a mismatch means the pair
                // was not issued together.
                failureReason = "This refresh token isn't related with this access token";
            }
            else if (storedToken.ExpirationDate < DateTime.UtcNow)
            {
                // Compared against UTC "now"; a token expiring exactly at this instant still passes.
                failureReason = "This refresh token is expired";
            }
            else if (storedToken.Used)
            {
                // A token that was already redeemed is rejected here. Nothing else happens
                // (no logging or revocation is visible in this method).
                failureReason = "This refresh token has been used";
            }

            if (failureReason != null)
            {
                return (ValidationFailed(failureReason), null);
            }

            var accepted = new AuthenticationResult { Success = true };
            return (accepted, storedToken);
        }