public async Task <IActionResult> RefreshToken(RefreshTokenViewModel model)
{
try
{
if (!ModelState.IsValid)
{
return(BadRequest());
}
var principal = Util.GetPrincipalFromExpiredToken(model.token, _configuration);
var username = principal.Identity.Name;
var user = await _userManager.FindByNameAsync(username);
var savedToken = _utilService.GetRefreshToken(model.uniqueId);
if (savedToken.RefreshToken != model.refreshToken)
{
//throw new SecurityTokenException("Invalid refresh token");
return(Forbid());
}
if (DateTime.Now > savedToken.RefreshTokenExpiryDate)
{
return(Forbid());
}
var newJwtToken = Util.GenerateAccessToken(principal.Claims, _configuration).ToString();
var newRefreshToken = Util.GenerateRefreshToken(_configuration);
_utilService.SaveAccessToken(newJwtToken, newRefreshToken, model.uniqueId, user.Id);
return(Ok(new
{
access_token = newJwtToken,
refresh_token = newRefreshToken
}));
}
catch (Exception ex)
{
return(Forbid());
}
}
