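/// <summary>
/// Exchanges the access/refresh token pair held in the request cookies for a new pair,
/// rotating the refresh token: the presented one is removed and a new one is stored
/// and written back to the cookie.
/// </summary>
/// <returns>
/// A <see cref="UserTokenModel"/> created with <c>true</c> and carrying the new access token,
/// the new refresh token and its expiry time; or an empty <see cref="UserTokenModel"/> when
/// the access token has no user identity claim or no user matches that claim.
/// </returns>
/// <exception cref="CaminoAuthenticationException">
/// Thrown when either cookie value is blank, or when the presented refresh token is not
/// found for the user or has already expired.
/// </exception>
public async Task<UserTokenModel> RefreshTokenAsync()
{
    var authenticationToken = GetAccessTokenFromCookie();
    var clientRefreshToken = GetRefreshTokenFromCookie();

    // Both halves of the pair are required; a missing one is an authentication failure.
    if (string.IsNullOrWhiteSpace(authenticationToken) || string.IsNullOrWhiteSpace(clientRefreshToken))
    {
        throw new CaminoAuthenticationException();
    }

    // NOTE(review): the identity claim read below is trusted to select the user, so
    // GetPrincipalFromExpiredTokenAsync is presumably expected to verify the token's
    // signature while ignoring only its lifetime - confirm against the helper.
    var claimsIdentity = await _jwtHelper.GetPrincipalFromExpiredTokenAsync(authenticationToken);

    // Null-conditional access: a token without the identity claim (or a null principal)
    // previously raised NullReferenceException here, so the empty-claim check below
    // could never be reached for a missing claim.
    var userIdentityId = claimsIdentity?.Claims
        .FirstOrDefault(x => x.Type == HttpHeaderContants.UserIdentityClaimKey)?.Value;
    if (string.IsNullOrEmpty(userIdentityId))
    {
        return new UserTokenModel();
    }

    var user = await _userManager.FindByIdentityIdAsync(userIdentityId);
    if (user == null)
    {
        return new UserTokenModel();
    }

    // The presented refresh token is looked up for this specific user, so it must
    // belong to the user named by the access token and must not have expired.
    var serverRefreshToken = await _userManager.GetUserTokenByValueAsync(
        user, clientRefreshToken, IdentitySettings.AUTHENTICATION_REFRESH_TOKEN_PURPOSE);
    if (serverRefreshToken == null || serverRefreshToken.ExpiryTime <= DateTimeOffset.Now)
    {
        throw new CaminoAuthenticationException();
    }

    user.UserIdentityId = userIdentityId;
    var accessToken = _jwtHelper.GenerateJwtToken(user);

    // Rotation: remove the presented refresh token before issuing its replacement,
    // so it cannot be presented a second time.
    await _userManager.RemoveAuthenticationTokenByValueAsync(user.Id, clientRefreshToken);
    var refreshToken = await _userManager.GenerateUserTokenAsync(
        user, ServiceProvidersNameConst.CAMINO_API_AUTH, IdentitySettings.AUTHENTICATION_REFRESH_TOKEN_PURPOSE);
    await _userManager.SetAuthenticationTokenAsync(
        user, ServiceProvidersNameConst.CAMINO_API_AUTH, IdentitySettings.AUTHENTICATION_REFRESH_TOKEN_PURPOSE, refreshToken);
    AddRefreshTokenToCookie(refreshToken);

    // NOTE(review): this expiry is computed from the local clock here rather than read
    // back from the stored token - confirm it matches what the user manager persists.
    return new UserTokenModel(true)
    {
        AuthenticationToken = accessToken,
        RefreshToken = refreshToken,
        RefreshTokenExpiryTime = DateTime.Now.AddHours(_jwtConfigOptions.RefreshTokenHourExpires)
    };
}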