public AccessTokenResult CreateAccessToken(DotNetOpenAuth.OAuth2.Messages.IAccessTokenRequest accessTokenRequestMessage) { var token = new AuthorizationServerAccessToken(); token.Lifetime = TimeSpan.FromMinutes(2); token.ClientIdentifier = accessTokenRequestMessage.ClientIdentifier; foreach (string s in accessTokenRequestMessage.Scope) { token.Scope.Add(s); } token.User = accessTokenRequestMessage.UserName; // token.ExtraData.Add("id_token","thisisthejwt"); var signCert = LoadCert(Config.ALHAMBRA_AUTHORIZATION); token.AccessTokenSigningKey = (RSACryptoServiceProvider)signCert.PrivateKey; var encryptCert = LoadCert(Config.ALHAMBRA_RESOURCES); token.ResourceServerEncryptionKey = (RSACryptoServiceProvider)encryptCert.PublicKey.Key; var accessTokenResult = new AccessTokenResult(token); accessTokenResult.AccessToken.ClientIdentifier = accessTokenRequestMessage.ClientIdentifier; //Page 13 on draft 26 - Open Id Connect Basic Client Profile //if (token.Scope.Contains("offline_access")) //{ // accessTokenResult.AllowRefreshToken = true; //} accessTokenResult.AllowRefreshToken = true; return(accessTokenResult); }
public AutomatedUserAuthorizationCheckResponse CheckAuthorizeResourceOwnerCredentialGrant(string userName, string password, DotNetOpenAuth.OAuth2.Messages.IAccessTokenRequest accessRequest) { throw new NotImplementedException(); }
public AutomatedAuthorizationCheckResponse CheckAuthorizeClientCredentialsGrant(DotNetOpenAuth.OAuth2.Messages.IAccessTokenRequest accessRequest) { throw new NotImplementedException(); }