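/// <summary>
/// Exchanges an expired access token plus a refresh token for a fresh pair,
/// rotating the stored refresh token value in the process.
/// </summary>
/// <param name="request">Carries the expired access token and the refresh token presented by the client.</param>
/// <returns>
/// A <c>LoginResponse</c> with <c>AccessToken</c> and <c>RefreshToken</c> set on success,
/// or with <c>Error</c> set when the request is rejected or processing fails.
/// </returns>
/// <remarks>
/// Every failure path returns the same error text, so a caller cannot tell which of the
/// two tokens was rejected. Exceptions are logged and converted into that same error.
/// </remarks>
public async Task<LoginResponse> RefreshAsync(RefreshTokenRequest request)
{
    const string invalidTokens = "Invalid access token and/or refresh token";

    // Reject obviously malformed input up front instead of relying on the catch-all
    // below; this also keeps unauthenticated garbage out of the error log.
    if (request == null || request.AccessToken == null || request.RefreshToken == null)
    {
        return new LoginResponse { Error = invalidTokens };
    }

    try
    {
        // NOTE(review): presumably this validates the token signature while ignoring
        // its lifetime - confirm in CryptoUtils, since the account id taken from these
        // claims decides which refresh token row is looked up.
        var principal = CryptoUtils.GetClaimsPrincipalFromExpiredToken(request.AccessToken, _configuration);
        var accountId = principal.GetAccountId();

        // The refresh token must belong to the account named in the access token.
        var token = await _refreshTokenRepository.FindByAccountIdAndValueAsync(accountId, request.RefreshToken);
        if (token == null)
        {
            return new LoginResponse { Error = invalidTokens };
        }

        // Enforce the stored expiry. Without this check a refresh token stays usable
        // forever, because Expires is written below but was never read.
        if (token.Expires <= DateTime.UtcNow)
        {
            return new LoginResponse { Error = invalidTokens };
        }

        // A token row can outlive its account; do not mint an access token for nothing.
        var account = await _accountRepository.FindByIdAsync(token.AccountId);
        if (account == null)
        {
            return new LoginResponse { Error = invalidTokens };
        }

        var accessToken = CryptoUtils.CreateAccessToken(account, _configuration);

        // Rotate in place: the presented value is overwritten, so replaying it later
        // finds no matching row.
        // NOTE(review): confirm CryptoUtils.RandomString draws from a cryptographic RNG.
        token.Value = CryptoUtils.RandomString();

        // NOTE(review): Convert.ToDouble(string) parses with the current culture and
        // returns 0 for null, so a missing setting would yield an already-expired token.
        var lifetimeDays = Convert.ToDouble(_configuration["Auth:RefreshTokenExpiresInDays"]);
        token.Expires = DateTime.UtcNow.AddDays(lifetimeDays);

        await _refreshTokenRepository.UpdateAsync(token.Id, token);

        return new LoginResponse
        {
            AccessToken = accessToken,
            RefreshToken = token.Value,
        };
    }
    catch (Exception ex)
    {
        // Deliberate best-effort: log the detail server-side and fall through to the
        // generic error so no exception text reaches the client.
        // NOTE(review): this also reports repository outages as "invalid token";
        // consider narrowing the catch once the expected exception types are known.
        _logger.LogError(ex, "Failed to process refresh token");
    }

    return new LoginResponse { Error = invalidTokens };
}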