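/// <summary>
/// Exchanges an expired access token plus its paired refresh token for a fresh token pair.
/// </summary>
/// <param name="token">The JWT previously issued to the user. It must already be past its <c>exp</c>.</param>
/// <param name="refreshToken">The opaque refresh token that was issued together with <paramref name="token"/>.</param>
/// <returns>
/// A successful <see cref="AuthenticationResponse"/> carrying the new access and refresh tokens, or the
/// result of <c>InvalidTokenResponse()</c> when any check fails. Every rejection path returns the same
/// response on purpose, so a caller cannot tell which check rejected the request.
/// </returns>
public async Task<AuthenticationResponse> RefreshTokenAsync(string token, string refreshToken)
{
    // Cheap rejection before any cryptographic or database work.
    if (string.IsNullOrEmpty(token) || string.IsNullOrEmpty(refreshToken))
    {
        return InvalidTokenResponse();
    }

    // Signature / issuer / audience validation is delegated to the principal provider. Because the
    // expiry check further down only succeeds for tokens whose lifetime has already elapsed, that
    // provider must accept expired tokens (lifetime validation disabled) for this method to ever
    // return success. NOTE(review): confirm that in the provider's TokenValidationParameters.
    var validatedToken = _principalProvider.GetPrincipalFromToken(token);
    if (validatedToken == null)
    {
        return InvalidTokenResponse();
    }

    // Treat a missing or malformed registered claim as an invalid token rather than letting
    // Single()/long.Parse surface an InvalidOperationException/FormatException to the caller.
    var expClaim = validatedToken.Claims.SingleOrDefault(x => x.Type == JwtRegisteredClaimNames.Exp)?.Value;
    if (!long.TryParse(
            expClaim,
            System.Globalization.NumberStyles.Integer,
            System.Globalization.CultureInfo.InvariantCulture,
            out var expiryDateUnix))
    {
        return InvalidTokenResponse();
    }

    // exp is seconds since the Unix epoch; compare in UTC.
    var expiryDateTimeUtc = DateTimeOffset.FromUnixTimeSeconds(expiryDateUnix).UtcDateTime;

    // Design choice kept from the original: a refresh is only honoured once the access token has
    // actually expired. Presenting a still-valid access token is rejected.
    if (expiryDateTimeUtc > DateTime.UtcNow)
    {
        return InvalidTokenResponse();
    }

    var jti = validatedToken.Claims.SingleOrDefault(x => x.Type == JwtRegisteredClaimNames.Jti)?.Value;
    var userId = validatedToken.Claims.SingleOrDefault(x => x.Type == "id")?.Value;
    if (string.IsNullOrEmpty(jti) || string.IsNullOrEmpty(userId))
    {
        return InvalidTokenResponse();
    }

    // Parameterised by EF; the raw refresh token never reaches SQL as text.
    var storedRefreshToken = await _context.RefreshTokens.SingleOrDefaultAsync(x => x.Token == refreshToken);

    // The refresh token must exist, be unexpired, not have been revoked or spent, and be bound to
    // exactly the access token that was presented (jti match prevents pairing a refresh token with
    // someone else's access token).
    if (storedRefreshToken == null
        || DateTime.UtcNow > storedRefreshToken.ExpiryDate
        || storedRefreshToken.Invalidated
        || storedRefreshToken.Used
        || storedRefreshToken.JwtId != jti)
    {
        return InvalidTokenResponse();
    }

    // Single use: spend the refresh token before minting a new pair, so a failure later in this
    // method fails closed instead of leaving a reusable token behind.
    // NOTE(review): this is a read-then-write with no concurrency token visible here, so two
    // concurrent requests presenting the same refresh token can both pass the Used check before
    // either SaveChangesAsync runs. A row-version / optimistic-concurrency check on the RefreshToken
    // entity (or a conditional UPDATE ... WHERE Used = 0) is needed to make single-use airtight.
    storedRefreshToken.Used = true;
    _context.RefreshTokens.Update(storedRefreshToken);
    await _context.SaveChangesAsync();

    // The subject may have been deleted or disabled since the token was issued; never mint tokens
    // for a principal that no longer resolves.
    var user = await _userManager.FindByIdAsync(userId);
    if (user == null)
    {
        return InvalidTokenResponse();
    }

    var userToken = await _tokenProvider.GetTokenForUserAsync(user);
    return new AuthenticationResponse
    {
        Success = true,
        Token = userToken.Token,
        RefreshToken = userToken.Refresh
    };
}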