public virtual AccessTokenResponse SVX_MakeAccessTokenResponse(AccessTokenRequest req, AuthorizationCodeParams codeParamsHint)
{
// We should only get here with req.grant_type ==
// "authorization_code", so we don't have to worry about modeling
// what IdP does in any other case.
if (req.grant_type != "authorization_code")
{
return(SVX.VProgram_API.Nondet <AccessTokenResponse>());
}
authorizationCodeGenerator.Verify(codeParamsHint, req.code);
if (req.redirect_uri != codeParamsHint.redirect_uri)
{
throw new Exception("Authorization code RP mismatch");
}
var tokenParams = new AccessTokenParams
{
userID = codeParamsHint.userID
};
var token = accessTokenGenerator.Generate(tokenParams);
return(new AccessTokenResponse
{
access_token = token
});
}
public UserProfileResponse SVX_MakeUserProfileResponse(UserProfileRequest req, AccessTokenParams tokenParamsHint)
{
accessTokenGenerator.Verify(tokenParamsHint, req.access_token);
return(CreateUserProfileResponse(tokenParamsHint.userID));
}
