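        /// <summary>
        /// Exchanges an expired access token together with its paired refresh token for a fresh token pair.
        /// The refresh token is rotated: it is marked <c>Invalidated</c> once the new pair has been issued,
        /// so a captured refresh token can be used at most once.
        /// </summary>
        /// <param name="tokenRequest">The expired access token and the refresh token issued alongside it.</param>
        /// <returns>
        /// A success response carrying the new tokens, or an error response when the access token cannot be
        /// read, has not expired yet, lacks a single <c>exp</c>/<c>jti</c> claim, or when the refresh token is
        /// unknown, already invalidated, expired, bound to a different access token, or refers to a missing user.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="tokenRequest"/> is <see langword="null"/>.</exception>
        public async Task<ApiResponse<AuthResponse>> ExchangeRefreshToken(ExchangeTokenRequest tokenRequest)
        {
            if (tokenRequest is null)
            {
                throw new ArgumentNullException(nameof(tokenRequest));
            }

            // NOTE(review): GetPrincipalFromToken is expected to verify the signature while skipping lifetime
            // validation (the access token is supposed to be expired at this point) — confirm in its implementation.
            ClaimsPrincipal principal = GetPrincipalFromToken(tokenRequest.AccessToken);

            if (principal is null)
            {
                return ApiResponse<AuthResponse>.Error(); //ErrorProvider.GetError("no_valid_token")
            }

            // Exactly one claim of each type is required. Single() would throw InvalidOperationException on a
            // token that lacks or duplicates a claim; a malformed token must yield an error response instead.
            string SingleClaimOrNull(string type)
            {
                var matches = principal.Claims.Where(x => x.Type == type).Take(2).ToList();
                return matches.Count == 1 ? matches[0].Value : null;
            }

            var expClaim = SingleClaimOrNull(JwtRegisteredClaimNames.Exp);
            var jti = SingleClaimOrNull(JwtRegisteredClaimNames.Jti);

            // 'exp' is seconds since the Unix epoch; reject values outside the range DateTimeOffset can represent
            // so that the conversion below cannot throw on a hostile or corrupt claim.
            if (jti is null
                || !long.TryParse(expClaim, out var expirySeconds)
                || expirySeconds < 0
                || expirySeconds > DateTimeOffset.MaxValue.ToUnixTimeSeconds())
            {
                return ApiResponse<AuthResponse>.Error(); //ErrorProvider.GetError("no_valid_token")
            }

            // Compare in UTC so the check does not depend on the server's time zone or DST transitions.
            var accessTokenExpiresUtc = DateTimeOffset.FromUnixTimeSeconds(expirySeconds).UtcDateTime;

            if (accessTokenExpiresUtc > DateTime.UtcNow)
            {
                return ApiResponse<AuthResponse>.Error(); //ErrorProvider.GetError("token_not_expired") });
            }

            // Only hit the store once the access token has passed its structural checks.
            var refreshToken = _hostRepository.GetFirst<RefreshToken>(r => r.Token == tokenRequest.RefreshToken);

            if (refreshToken is null)
            {
                return ApiResponse<AuthResponse>.Error(); //ErrorProvider.GetError("token_not_found") });
            }

            if (refreshToken.Invalidated)
            {
                return ApiResponse<AuthResponse>.Error(); //ErrorProvider.GetError("no_valid_token") });
            }

            // Persists the single-use marker on the presented refresh token.
            async Task InvalidateAsync()
            {
                refreshToken.Invalidated = true;
                _hostRepository.Update(refreshToken);
                await _hostRepository.SaveAsync();
            }

            // NOTE(review): ExpiresOn's DateTimeKind is not visible here; the comparison against DateTime.Now is
            // kept as-is. If ExpiresOn is stored in UTC this should compare against DateTime.UtcNow — verify.
            if (refreshToken.ExpiresOn < DateTime.Now)
            {
                await InvalidateAsync();

                return ApiResponse<AuthResponse>.Error(); //ErrorProvider.GetError("token_expired") });
            }

            // The refresh token is bound to the access token it was issued with via the JWT id; a refresh token
            // presented with a different access token is rejected.
            if (refreshToken.JwtId != jti)
            {
                return ApiResponse<AuthResponse>.Error(); //ErrorProvider.GetError("token_mismatch") });
            }

            var user = await _userManager.FindByIdAsync(refreshToken.ApplicationUserId.ToString());

            if (user is null)
            {
                return ApiResponse<AuthResponse>.Error(); //ErrorProvider.GetError("auth_user_not_found") });
            }

            var tokens = await _jwtTokenFactory.GenerateAuthResponseForUser(user);

            // Rotation: retire the presented refresh token once the new pair exists (same order as before,
            // so generation failures do not consume the old token).
            await InvalidateAsync();

            return ApiResponse<AuthResponse>.Success(tokens);
        }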