public Task <bool> ExistsAsync(byte[] tokenSeed)
{
var tokenId = ToTokenId(tokenSeed);
var hasBeenUsed = _jwtTokenRepository.HasTokenBeenUsed(tokenId);
return(Task.FromResult(hasBeenUsed));
}
public void ValidateReplyAttack(SecurityToken token)
{
_jwtTokenRepository.RemoveExpiredTokens();
var hasTokenBeenUsed = _jwtTokenRepository.HasTokenBeenUsed(token.Id);
if (hasTokenBeenUsed)
{
throw new SecurityTokenReplayDetectedException($"The same token cannot be used again. Token Id: {token.Id}");
}
_jwtTokenRepository.InsertValidToken(new JwtToken
{
ExpirationTime = token.ValidTo,
Id = token.Id
});
}
