private async Task <bool> ValidateRequestedScopesAsync(NameValueCollection parameters)
{
var scopes = parameters.Get(Constants.TokenRequest.Scope);
if (scopes.IsMissingOrTooLong(_options.InputLengthRestrictions.Scope))
{
Logger.Warn("Scopes missing or too long");
return(false);
}
var requestedScopes = ScopeValidator.ParseScopesString(scopes);
if (requestedScopes == null)
{
return(false);
}
if (!_scopeValidator.AreScopesAllowed(_validatedRequest.Client, requestedScopes))
{
return(false);
}
if (!await _scopeValidator.AreScopesValidAsync(requestedScopes))
{
return(false);
}
_validatedRequest.Scopes = requestedScopes;
_validatedRequest.ValidatedScopes = _scopeValidator;
return(true);
}
public AuthorizeRequestValidator(IdentityServerOptions options, IClientStore clients, ICustomRequestValidator customValidator, IRedirectUriValidator uriValidator, ScopeValidator scopeValidator, SessionCookie sessionCookie)
{
_options = options;
_clients = clients;
_customValidator = customValidator;
_uriValidator = uriValidator;
_scopeValidator = scopeValidator;
_sessionCookie = sessionCookie;
}
public TokenRequestValidator(IdentityServerOptions options, IAuthorizationCodeStore authorizationCodes, IRefreshTokenStore refreshTokens, IUserService users, CustomGrantValidator customGrantValidator, ICustomRequestValidator customRequestValidator, ScopeValidator scopeValidator, IEventService events)
{
_options = options;
_authorizationCodes = authorizationCodes;
_refreshTokens = refreshTokens;
_users = users;
_customGrantValidator = customGrantValidator;
_customRequestValidator = customRequestValidator;
_scopeValidator = scopeValidator;
_events = events;
}