/// <summary>
/// Decides whether the supplied refresh token may be exchanged for a new access token.
/// </summary>
/// <param name="validatedToken">
/// Principal built from the access token that is being refreshed. Its expiry and JTI
/// claims are read through <c>ClaimHelper</c>.
/// </param>
/// <param name="refreshToken">Refresh token value used to look up the stored record.</param>
/// <returns>
/// The stored refresh token when every check passes; otherwise <c>null</c>.
/// </returns>
/// <remarks>
/// NOTE(review): an expired access token is the expected input here, so the caller
/// presumably validates it with lifetime checking disabled. Confirm that signature,
/// issuer and audience are still validated before this method is reached.
/// NOTE(review): this method only reads <c>Used</c> and <c>Invalidated</c>. If the
/// caller's update of <c>Used</c> is not atomic with this check, two concurrent requests
/// carrying the same refresh token could both pass. Verify against the caller.
/// </remarks>
public async Task<RefreshToken> CanTokenBeRefreshedAsync(ClaimsPrincipal validatedToken, string refreshToken)
{
    // The token carries its expiry as Unix time: seconds elapsed since 1970-01-01T00:00:00Z.
    long accessExpirySeconds = ClaimHelper.GetUnixExpiryDate(validatedToken);
    DateTime unixEpochUtc = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    DateTime accessExpiresAtUtc = unixEpochUtc.AddSeconds(accessExpirySeconds);

    RefreshToken stored = await _unitOfWork.RefreshTokenRepository.GetRefreshToken(refreshToken);

    // An access token that has not expired yet must not be refreshed.
    if (accessExpiresAtUtc > DateTime.UtcNow)
    {
        return null;
    }

    // No stored record for this refresh token value.
    if (stored == null)
    {
        return null;
    }

    // The refresh token itself has passed its expiry date.
    if (DateTime.UtcNow > stored.ExpiryDate)
    {
        return null;
    }

    // Invalidated or already-used refresh tokens are rejected.
    if (stored.Invalidated)
    {
        return null;
    }

    if (stored.Used)
    {
        return null;
    }

    // The refresh token must belong to the access token presented with it (matching JTI).
    if (stored.JwtID != ClaimHelper.GetJTI(validatedToken))
    {
        return null;
    }

    return stored;
}