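/// <summary>
/// Exchanges an expired access token plus its refresh token for a freshly minted token pair.
/// </summary>
/// <param name="accessToken">The (typically expired) JWT whose "uid" claim identifies the user.</param>
/// <param name="refreshToken">The refresh token previously issued to that user.</param>
/// <returns>
/// 200 with a <see cref="JwtToken"/> (bearer) on success; 401 when the access token carries no
/// integer "uid" claim or the user cannot be loaded. Failures inside the token service surface
/// as whatever that service throws.
/// </returns>
public ActionResult Refresh(string accessToken, string refreshToken)
{
    // Resolve the user id from the access token. The helper's name suggests it reads the
    // principal without enforcing the lifetime check — TODO confirm it still verifies the
    // signature, otherwise an attacker-forged "uid" would be trusted here.
    var claimsPrincipal = jwtTokenService.GetPrincipalFromExpiredAccessToken(accessToken);
    var uid = jwtTokenService.GetClaim(claimsPrincipal, "uid");
    if (!int.TryParse(uid, out int userId))
    {
        // Also covers a missing claim: TryParse returns false for null input.
        return Unauthorized("Invalid access token");
    }

    // The refresh token must belong to this user. Its result (if any) is not inspected, so
    // confirm ValidateRefreshToken throws on mismatch; also verify the presented token is
    // invalidated once a new one is stored below, so a stolen refresh token cannot be replayed.
    jwtTokenService.ValidateRefreshToken(userId, refreshToken);

    var user = userService.GetById(userId);
    if (user is null)
    {
        // A "uid" that no longer maps to a user (deleted account) must not be minted a token;
        // previously this fell through to a NullReferenceException on user.UserName.
        return Unauthorized("Invalid access token");
    }

    // Carry the "uid" claim forward so the next refresh can locate the user again.
    var claims = new List<Claim> { new Claim("uid", uid) };
    var newAccessToken = jwtTokenService.GenerateAccessToken(user.UserName, null, claims);
    var newRefreshToken = jwtTokenService.GenerateRefreshToken();

    // Persist the new refresh token so ValidateRefreshToken accepts it on the next call.
    jwtTokenService.StoreRefreshToken(userId, newRefreshToken);

    return Ok(new JwtToken
    {
        AccessToken = newAccessToken,
        RefreshToken = newRefreshToken,
        TokenType = "bearer",
    });
}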