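/// <summary>
/// Verifies that <c>DeleteRefreshTokenAsync</c> removes the given refresh token from the
/// context's <c>RefreshTokens</c> set and calls <c>SaveChangesAsync</c> to persist the removal.
/// </summary>
/// <remarks>
/// Returns a task instead of being <c>async void</c>: a runner can only await a returned task,
/// so with <c>async void</c> an assertion that fails after the first <c>await</c> may go
/// unobserved and a broken token-revocation path could still report a passing test.
/// The type is written fully qualified so that no additional using directive is required.
/// </remarks>
public async System.Threading.Tasks.Task DeleteRefreshTokenAsync_ShouldRemoveRefreshTokenFromDatabase()
{
    // Arrange: the service's three constructor dependencies, all mocked.
    var loggerMock = new Mock<ILogger<AccessTokenService>>();
    var appSettingsMock = new Mock<AppSettings>();
    var optionsMock = new Mock<IOptions<AppSettings>>();
    optionsMock.Setup(x => x.Value).Returns(appSettingsMock.Object);

    // Seed an in-memory set with the single token that is expected to be deleted.
    var refreshToken = GetRefreshTokenSample();
    var dbSet = new TestDbSet<RefreshToken>();
    dbSet.Add(refreshToken);

    var contextMock = new Mock<IDatabaseContext>();
    contextMock.Setup(x => x.RefreshTokens).Returns(dbSet);
    contextMock.Setup(x => x.SaveChangesAsync(It.IsAny<CancellationToken>())).Verifiable();

    var service = new AccessTokenService(loggerMock.Object, contextMock.Object, optionsMock.Object);

    // Act
    await service.DeleteRefreshTokenAsync(refreshToken.UserId.ToString(), refreshToken.Token);

    // Assert: the token is gone from the set and the change was saved.
    Assert.DoesNotContain(refreshToken, dbSet);
    contextMock.Verify(x => x.SaveChangesAsync(It.IsAny<CancellationToken>()));
}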
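/// <summary>
/// Exchanges an expired access token and its refresh token for a new token pair, replacing
/// the stored refresh token with the newly generated one.
/// </summary>
/// <param name="refreshRequest">
/// Request body carrying the expired access token (<c>Token</c>) and the refresh token
/// (<c>RefreshToken</c>).
/// </param>
/// <returns>
/// 200 with <c>token</c> and <c>refreshToken</c> on success; 400 when the request is incomplete,
/// no user name can be read from the access token, or the refresh token does not match the
/// stored one; 500 when generating or persisting the new pair fails.
/// </returns>
public async Task<IActionResult> Refresh([FromBody] RefreshRequestModel refreshRequest)
{
    // Reject incomplete requests up front. Without this, a request that omits the refresh
    // token compares null against a user's missing stored token, the inequality check below
    // is false, and a fresh token pair is issued from an expired access token alone.
    if (refreshRequest == null
        || string.IsNullOrEmpty(refreshRequest.Token)
        || string.IsNullOrEmpty(refreshRequest.RefreshToken))
    {
        return BadRequest("Invalid refresh token");
    }

    // NOTE(review): this action relies on GetPrincipalFromExpiredToken to verify the token's
    // signature and algorithm while ignoring only its lifetime - confirm in the service.
    // If it throws on a malformed token, that exception is not handled here.
    var principal = AccessTokenService.GetPrincipalFromExpiredToken(refreshRequest.Token);
    var userId = principal?.Identity?.Name;
    if (string.IsNullOrEmpty(userId))
    {
        return BadRequest("Invalid refresh token");
    }

    var savedRefreshToken = await AccessTokenService.GetRefreshTokenAsync(userId);

    // A user with no stored refresh token must never pass this check.
    // NOTE(review): this is an ordinary inequality on a secret value; consider a fixed-time
    // comparison (e.g. CryptographicOperations.FixedTimeEquals over the UTF-8 bytes) if the
    // target framework provides it.
    if (savedRefreshToken == null || savedRefreshToken != refreshRequest.RefreshToken)
    {
        return BadRequest("Invalid refresh token");
    }

    string newJwtToken;
    string newRefreshToken;
    try
    {
        newJwtToken = AccessTokenService.GenerateAccessToken(userId);
        newRefreshToken = AccessTokenService.GenerateRefreshToken();

        // NOTE(review): delete and save are two separate calls; if the save fails the user is
        // left without a refresh token, and two concurrent refreshes can both pass the check
        // above. Confirm whether the service wraps these in one transaction.
        await AccessTokenService.DeleteRefreshTokenAsync(userId, refreshRequest.RefreshToken);
        await AccessTokenService.SaveRefreshTokenAsync(userId, newRefreshToken);
    }
    catch (Exception e)
    {
        // Constant message template: passing e.Message as the template lets braces in the
        // exception text be parsed as placeholders. The exception itself is still logged.
        Logger.LogError(e, "Refresh token rotation failed");
        return StatusCode(500);
    }

    return Ok(new { token = newJwtToken, refreshToken = newRefreshToken });
}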