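/// <summary>
/// Issues a refresh token for the ticket in <paramref name="context"/>: builds a
/// <c>RefreshToken</c> record, saves it through <c>WebApiService.AddRefreshToken</c>,
/// and returns the raw token id to the caller with <c>context.SetToken</c>.
/// </summary>
/// <remarks>
/// Only a hash of the token id (from <c>AuthHelper.GetHash</c>) is written to the record.
/// The raw id is a bearer credential and is handed back to the client only.
/// No token is issued when the ticket has no <c>as:client_app_id</c> value, when neither the
/// identity nor the client lookup yields a name, or when <c>AddRefreshToken</c> returns false.
/// </remarks>
/// <param name="context">Token creation context carrying the ticket and the OWIN context.</param>
/// <returns>A task that completes once the token has been saved, or creation was skipped.</returns>
public async Task CreateAsync(AuthenticationTokenCreateContext context)
{
    // A missing key is handled like an empty value. The indexer would throw
    // KeyNotFoundException before the emptiness check below could run.
    string clientAppId;
    if (!context.Ticket.Properties.Dictionary.TryGetValue("as:client_app_id", out clientAppId)
        || string.IsNullOrEmpty(clientAppId))
    {
        return;
    }

    // The refresh token id is a bearer secret, so it comes from the cryptographic RNG
    // rather than Guid.NewGuid(), which is documented as unique, not as unpredictable.
    // 16 bytes as lowercase hex keeps the same 32-character shape as Guid.ToString("n").
    var idBytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(idBytes);
    }
    var refreshTokenId = BitConverter.ToString(idBytes).Replace("-", string.Empty).ToLowerInvariant();

    WebApiService service = new WebApiService();
    var client = service.FindClientByAppId(clientAppId);

    // Use the identity name, falling back to the client's name. If the client lookup
    // also returned nothing, issue no token instead of dereferencing null.
    var name = context.Ticket.Identity.Name;
    if (name == null)
    {
        if (client == null)
        {
            return;
        }

        name = client.Name;
    }

    /*
     * The refresh token lifetime (in minutes) is read from the OWIN context, where it
     * is set once the client has been validated. It is parsed with the invariant
     * culture so that the server's regional settings cannot change how the
     * configured number is read.
     */
    var refreshTokenLifeTime = context.OwinContext.Get<string>("as:clientRefreshTokenLifeTime");
    var lifetimeMinutes = Convert.ToDouble(
        refreshTokenLifeTime,
        System.Globalization.CultureInfo.InvariantCulture);

    // Read the clock once so IssuedUtc and ExpiresUtc are exactly the lifetime apart.
    var issuedUtc = DateTime.UtcNow;

    var token = new RefreshToken()
    {
        // Store only the hash. The raw id goes to the client alone.
        RefreshTokenId = Core.Utility.Authentication.AuthHelper.GetHash(refreshTokenId),
        ClientAppId = clientAppId,
        Name = name,
        IssuedUtc = issuedUtc,
        ExpiresUtc = issuedUtc.AddMinutes(lifetimeMinutes)
    };

    // The ticket's issued/expiry values are what determine how long the refresh token is valid.
    context.Ticket.Properties.IssuedUtc = token.IssuedUtc;
    context.Ticket.Properties.ExpiresUtc = token.ExpiresUtc;

    // Serialize the ticket content into the stored record.
    token.ProtectedTicket = context.SerializeTicket();

    /*
     * Save the record in the RefreshTokens table. According to the original author's
     * note, AddRefreshToken keeps one token per user and client by deleting an existing
     * one before storing the new one. That behaviour lives in WebApiService and is not
     * visible here.
     */
    var result = await service.AddRefreshToken(token);

    if (result)
    {
        // Send the raw refresh token id back only after the record has been saved.
        context.SetToken(refreshTokenId);
    }
}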