Ejemplo n.º 1
0
        /// <summary>
        /// issue access token and refresh token
        /// </summary>
        protected virtual async Task IssueTokenByRequestInfoAsync(HttpContext context, GrantType grantType, IClient client, TokenInfo tokenRequestInfo)
        {
            // issue token
            var token = await _tokenGenerator.GenerateAccessTokenAsync(
                context : context
                , grantType : grantType
                , client : client
                , scopes : tokenRequestInfo.Scopes.Split(OAuth2Consts.Seperator_Scope)
                , username : tokenRequestInfo.UN
                );

            if (client.Grants.Contains(OAuth2Consts.GrantType_RefreshToken))
            {// allowed to use refresh token
                //var surferID = GetSurferID(context);
                var refreshToken = await _tokenGenerator.GenerateRefreshTokenAsync();

                await _tokenStore.SaveRefreshTokenAsync(refreshToken, tokenRequestInfo, client.RefreshTokenExpireSeconds);
                await WriteTokenAsync(context.Response, token, tokenRequestInfo.Scopes, client, refreshToken);
            }
            else
            {// not allowed to use refresh token
                await WriteTokenAsync(context.Response, token, tokenRequestInfo.Scopes, client);
            }
        }