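/// <summary>
/// Exchanges an expired access token plus the refresh token issued with it for a fresh token pair.
/// </summary>
/// <remarks>
/// Acceptance requires all of: the access token yields a principal from
/// <see cref="GetPrincipalFromToken"/> (presumably signature validation with lifetime checking
/// disabled — confirm there), its <c>exp</c> is already in the past, the refresh token exists,
/// has not been invalidated, has not passed <c>ExpiresOn</c>, and its <c>JwtId</c> equals the
/// access token's <c>jti</c>. On success the refresh token is marked <c>Invalidated</c> and
/// persisted before the new pair is returned, so each refresh token is usable once.
/// NOTE(review): the "Invalidated" read and the later write are not atomic, so two concurrent
/// requests presenting the same refresh token can both pass the checks and both be issued new
/// tokens; closing that window needs a conditional update or unique constraint in the repository.
/// </remarks>
/// <param name="tokenRequest">The expired access token and the refresh token paired with it.</param>
/// <returns>
/// <c>ApiResponse&lt;AuthResponse&gt;.Success</c> with the new tokens, or
/// <c>ApiResponse&lt;AuthResponse&gt;.Error()</c> when any check fails. Malformed tokens
/// (missing or non-numeric <c>exp</c>, missing <c>jti</c>) are reported as an error response
/// rather than escaping as an exception.
/// </returns>
public async Task<ApiResponse<AuthResponse>> ExchangeRefreshToken(ExchangeTokenRequest tokenRequest)
{
    // Reject missing input up front: querying the repository with a null token string could
    // otherwise match rows whose Token column is null.
    if (tokenRequest is null
        || string.IsNullOrWhiteSpace(tokenRequest.AccessToken)
        || string.IsNullOrWhiteSpace(tokenRequest.RefreshToken))
    {
        return ApiResponse<AuthResponse>.Error(); //ErrorProvider.GetError("no_valid_token")
    }

    ClaimsPrincipal principal = GetPrincipalFromToken(tokenRequest.AccessToken);
    if (principal == null)
    {
        return ApiResponse<AuthResponse>.Error(); //ErrorProvider.GetError("no_valid_token")
    }

    // A token lacking exp/jti, or carrying a non-numeric exp, must be a clean rejection rather
    // than an unhandled InvalidOperationException/FormatException from Single()/long.Parse().
    var expClaim = principal.Claims.FirstOrDefault(x => x.Type == JwtRegisteredClaimNames.Exp);
    var jtiClaim = principal.Claims.FirstOrDefault(x => x.Type == JwtRegisteredClaimNames.Jti);
    if (expClaim == null
        || jtiClaim == null
        || !long.TryParse(expClaim.Value, NumberStyles.Integer, CultureInfo.InvariantCulture, out var expirySeconds)
        || expirySeconds < 0
        || expirySeconds > DateTimeOffset.MaxValue.ToUnixTimeSeconds())
    {
        return ApiResponse<AuthResponse>.Error(); //ErrorProvider.GetError("no_valid_token")
    }
    var jti = jtiClaim.Value;

    // exp is Unix seconds (UTC). Compare in UTC instead of converting to local time so a DST
    // transition cannot shift the "already expired" boundary.
    var accessTokenExpiresUtc = DateTimeOffset.FromUnixTimeSeconds(expirySeconds).UtcDateTime;
    if (accessTokenExpiresUtc > DateTime.UtcNow)
    {
        // Only expired access tokens may be exchanged; a live one is rejected.
        return ApiResponse<AuthResponse>.Error(); //ErrorProvider.GetError("token_not_expired")
    }

    var refreshToken = _hostRepository.GetFirst<RefreshToken>(r => r.Token == tokenRequest.RefreshToken);
    if (refreshToken == null)
    {
        return ApiResponse<AuthResponse>.Error(); //ErrorProvider.GetError("token_not_found")
    }

    if (refreshToken.Invalidated)
    {
        return ApiResponse<AuthResponse>.Error(); //ErrorProvider.GetError("no_valid_token")
    }

    // NOTE(review): ExpiresOn is compared against local time as in the original; confirm the
    // column is written in local time (otherwise this should be DateTime.UtcNow).
    if (refreshToken.ExpiresOn < DateTime.Now)
    {
        // Persist the invalidation so a stale token is not re-evaluated on every attempt.
        refreshToken.Invalidated = true;
        _hostRepository.Update(refreshToken);
        await _hostRepository.SaveAsync();
        return ApiResponse<AuthResponse>.Error(); //ErrorProvider.GetError("token_expired")
    }

    // Bind the refresh token to the specific access token it was issued with.
    if (!string.Equals(refreshToken.JwtId, jti, StringComparison.Ordinal))
    {
        return ApiResponse<AuthResponse>.Error(); //ErrorProvider.GetError("token_mismatch")
    }

    var user = await _userManager.FindByIdAsync(refreshToken.ApplicationUserId.ToString());
    if (user == null)
    {
        return ApiResponse<AuthResponse>.Error(); //ErrorProvider.GetError("auth_user_not_found")
    }

    // Issue the new pair, then consume the presented refresh token (single use).
    var tokens = await _jwtTokenFactory.GenerateAuthResponseForUser(user);
    refreshToken.Invalidated = true;
    _hostRepository.Update(refreshToken);
    await _hostRepository.SaveAsync();
    return ApiResponse<AuthResponse>.Success(tokens);
}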