Esempio n. 1
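        /// <summary>
        /// Exchanges a presented refresh token for a new token response.
        /// The stored refresh-token record is looked up by the token's first audience,
        /// removed (single use), checked for expiry, and a new response is built for
        /// the user whose login is encoded in that audience.
        /// </summary>
        /// <param name="refreshTokenString">Serialized JWT refresh token supplied by the caller.</param>
        /// <returns>The <c>TokenViewModel</c> produced by <c>CreateResponse</c>.</returns>
        /// <exception cref="RefreshTokenExpiredException">
        /// The string is not a readable JWT, its audience is missing or malformed, no stored
        /// record matches the audience, the stored record is expired, or no user matches the login.
        /// </exception>
        public TokenViewModel UpdateAccessToken(string refreshTokenString)
        {
            var handler = new JwtSecurityTokenHandler();

            if (!handler.CanReadToken(refreshTokenString))
            {
                throw new RefreshTokenExpiredException("Refresh token is not correct");
            }

            // NOTE(review): ReadJwtToken only parses the token; it does not verify the
            // signature, issuer or lifetime. Every claim read below, including the audience
            // used for the lookup, is therefore caller-controlled at this point. Nothing in
            // this method compares the presented token with the stored record either, so the
            // lookup and the removal act on unauthenticated input. Confirm that the token is
            // validated before this call (e.g. JwtSecurityTokenHandler.ValidateToken with the
            // signing key used for refresh tokens), or add that validation here.
            var refreshToken = handler.ReadJwtToken(refreshTokenString);
            var audience     = refreshToken.Audiences.FirstOrDefault();

            // A token without an audience previously reached the DAL with null and could
            // end in a NullReferenceException at the Split call further down.
            if (string.IsNullOrEmpty(audience))
            {
                throw new RefreshTokenExpiredException("Refresh token is not correct");
            }

            // The login is the second "_"-separated segment of the audience. Reject a
            // malformed audience before any data access instead of failing later with an
            // IndexOutOfRangeException that callers do not expect.
            var audienceParts = audience.Split("_", StringSplitOptions.RemoveEmptyEntries);
            if (audienceParts.Length < 2)
            {
                throw new RefreshTokenExpiredException("Refresh token is not correct");
            }

            var savedRefreshToken = _refreshTokenDal.GetByAudience(audience);

            if (savedRefreshToken == null)
            {
                throw new RefreshTokenExpiredException("Refresh token cant find in database");
            }

            // The stored record is removed before the expiry check, so a refresh token
            // is usable at most once whether or not it is still within its lifetime.
            _refreshTokenDal.Remove(savedRefreshToken);

            if (RefreshTokenHelper.IsExpired(savedRefreshToken))
            {
                throw new RefreshTokenExpiredException("Refresh token is expired");
            }

            var login = audienceParts[1];
            var user  = _profilesDal.GetByLogin(login);

            // Assumes GetByLogin returns null for an unknown login (verify against the DAL);
            // without this guard CreateResponse would dereference a null user.
            if (user == null)
            {
                throw new RefreshTokenExpiredException("Refresh token is not correct");
            }

            return CreateResponse(_refreshTokenDal, user);
        }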
Esempio n. 2
        /// <summary>
        /// Builds the token response for a user: creates a new refresh token, creates an
        /// access token tied to it, and attaches the user's role titles and the menu items
        /// permitted for those roles.
        /// </summary>
        /// <param name="tokenDAL">Refresh-token data access object handed to <c>RefreshTokenHelper</c>.</param>
        /// <param name="user">User the tokens are created for; its <c>Login</c> and <c>UserRoles</c> are read.</param>
        /// <returns>A populated <c>TokenViewModel</c>.</returns>
        public TokenViewModel CreateResponse(RefreshTokenDAL tokenDAL, User user)
        {
            // The refresh token is created first because the access token is built from it.
            var refreshHelper   = new RefreshTokenHelper(tokenDAL, _provider);
            var newRefreshToken = refreshHelper.Create(user.Login);

            var accessHelper = new AccessTokenHelper(_provider);
            var issuedAccess = accessHelper.CreateJwt(user, newRefreshToken);

            // Role titles drive the permission lookup for the menu items.
            var roleTitles = user.UserRoles
                                 .Select(userRole => userRole.Role.Title)
                                 .ToList();
            var allowedMenuItems = _permissionsDAL.GetPermissionsForMenuItems(roleTitles).ToList();

            var response = new TokenViewModel
            {
                AccessToken = issuedAccess.AccessToken,
                ExpiresIn = issuedAccess.ExpiresIn,
                RefreshToken = newRefreshToken,
                Username = user.Login,
                // Comma-separated role titles, enumerated again from the user's roles.
                Roles = String.Join(", ", user.UserRoles.Select(userRole => userRole.Role.Title).ToArray()),
                AvailableMenuItems = allowedMenuItems
            };

            return response;
        }