Fix Access/Refres Token

AMREZ.EOP.Infrastructures/Security/JwtFactory.cs

@@ -28,23 +28,23 @@ public sealed class JwtFactory : IJwtFactory
 
     public (string token, DateTimeOffset expiresAt) CreateAccessToken(IEnumerable<Claim> claims)
     {
-        var http = _http.HttpContext ?? throw new InvalidOperationException("No HttpContext");
-        var tenant = _resolver.Resolve(http) ?? throw new InvalidOperationException("No tenant context");
+        var tenantId = claims.FirstOrDefault(c => c.Type == "tenant_id")?.Value
+                       ?? throw new InvalidOperationException("tenant_id claim missing");
 
-        var material = !string.IsNullOrWhiteSpace(tenant.Id) ? tenant.Id! : tenant.TenantKey!;
-        var keyBytes = SHA256.HashData(Encoding.UTF8.GetBytes(material));
-        var cred = new SigningCredentials(new SymmetricSecurityKey(keyBytes), SecurityAlgorithms.HmacSha256);
+        var keyBytes = SHA256.HashData(Encoding.UTF8.GetBytes(tenantId));
+        var creds = new SigningCredentials(new SymmetricSecurityKey(keyBytes), SecurityAlgorithms.HmacSha256);
 
         var now = DateTimeOffset.UtcNow;
         var exp = now.AddMinutes(AccessMinutes);
 
         var jwt = new JwtSecurityToken(
-            issuer: Issuer,
+            issuer: Issuer,     
             audience: Audience,
             claims: claims,
             notBefore: now.UtcDateTime,
             expires: exp.UtcDateTime,
-            signingCredentials: cred);
+            signingCredentials: creds
+        );
 
         return (new JwtSecurityTokenHandler().WriteToken(jwt), exp);
     }