コード例 #1
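        /// <summary>
        /// Exchanges an expired JWT and its refresh token for a new token pair. The stored
        /// refresh token is deleted and replaced, so the presented one is single-use.
        /// </summary>
        /// <param name="accessToken">
        /// Client-supplied pair: the expired JWT in <c>Token</c> and the refresh token in
        /// <c>RefreshToken</c>. Both values are untrusted input.
        /// </param>
        /// <returns>A DTO holding the newly generated JWT and the newly stored refresh token.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="accessToken"/> is null.</exception>
        /// <exception cref="SecurityTokenException">
        /// The JWT carries no parseable user id, no refresh token is stored for that user, or the
        /// presented refresh token does not match the stored one.
        /// </exception>
        public async Task<AccessTokenDto> RefreshAccessTokenAsync(AccessTokenDto accessToken)
        {
            if (accessToken == null)
            {
                throw new ArgumentNullException(nameof(accessToken));
            }

            // NOTE(review): everything below trusts the claims returned here. Presumably the helper
            // verifies the signature, issuer and audience and skips only the lifetime check. Confirm,
            // because otherwise the user id is attacker-controlled.
            var principal = GetPrincipalFromExpiredToken(accessToken.Token);

            // A missing or malformed name claim is a bad token, not a server fault: report it as a
            // token error instead of letting the Guid constructor throw.
            Guid userId;
            if (!Guid.TryParse(principal?.Identity?.Name, out userId))
            {
                throw new SecurityTokenException("Access token does not contain a valid user id");
            }

            var savedRefreshToken = await _refreshTokenRepository.GetByUserIdOrDefaultAsync(userId);

            // Reject when nothing is stored for the user or either side is null. The original
            // dereferenced a possibly-null record and would have accepted null == null.
            var storedValue    = savedRefreshToken?.Token;
            var presentedValue = accessToken.RefreshToken;

            // Compare the secret in constant time so response timing does not reveal how many
            // leading characters of a guess were correct.
            var matches = storedValue != null
                && presentedValue != null
                && System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
                    System.Text.Encoding.UTF8.GetBytes(storedValue),
                    System.Text.Encoding.UTF8.GetBytes(presentedValue));

            if (!matches)
            {
                // Same message for "no stored token" and "wrong token", so the caller cannot tell
                // the two cases apart.
                // NOTE(review): a mismatch may be a replay of an already-rotated token. Whether that
                // should also revoke the stored token is a policy decision not visible here.
                throw new SecurityTokenException($"Invalid refresh token for user with id {userId}");
            }

            // NOTE(review): no refresh-token expiry is checked in this method. Confirm that a
            // lifetime is enforced elsewhere (entity or repository).
            var newJwtToken     = GenerateJwtToken(principal.Claims);
            var newRefreshToken = GenerateRefreshToken();

            // Rotate: the old record is removed and the new one added before the single save below.
            _refreshTokenRepository.Delete(savedRefreshToken);
            _refreshTokenRepository.Create(new RefreshToken
            {
                Token  = newRefreshToken,
                UserId = userId
            });
            await _saveProvider.SaveAsync();

            return new AccessTokenDto
            {
                RefreshToken = newRefreshToken,
                Token        = newJwtToken
            };
        }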