private string GetRefreshToken( IEnumerable <Claim> claims, string userId) { var time = BitConverter.GetBytes(DateTime.UtcNow.ToBinary()); var key = CryptoUtility.CreateCryptographicallySecureGuid() .ToByteArray(); var timeKey = time.Concat(key) .ToArray(); var serializedClaims = JsonConvert.SerializeObject(claims, new ClaimConverter()); var payload = new RefreshTokenPayloadModel { UserId = userId, Claims = serializedClaims, TimeWithKey = timeKey }; var payloadByteArr = ObjectToByteArray(payload); var refreshToken = Convert.ToBase64String(payloadByteArr); var encryptedRefreshToken = CryptoUtility.Encrypt(refreshToken, _tokenProviderOptions.RefreshTokenSigningKey); return(encryptedRefreshToken); }