Example #1
        // Grant-type gate for the token endpoint: any token request that is neither an
        // authorization code grant nor a refresh token grant is rejected with "unsupported_grant_type".
        // NOTE(review): this method never marks the request as validated and performs no client
        // authentication; confirm that both are handled elsewhere before relying on it alone.
        public override Task ValidateTokenRequest(ValidateTokenRequestContext context)
        {
            // OpenIdConnectServerHandler itself supports four grant types: authorization code, refresh token,
            // client credentials and resource owner password credentials (ROPC). This server deliberately applies
            // a stricter policy and refuses the last two. Relax the check below only if ROPC or client
            // credentials really have to be supported.
            var request = context.Request;

            // Allowed grant types leave the context untouched and return immediately.
            if (request.IsAuthorizationCodeGrantType() || request.IsRefreshTokenGrantType())
            {
                return Task.FromResult<object>(null);
            }

            // Everything else is refused with the standard OAuth2 error code.
            const string message = "Only authorization code and refresh token grant types " +
                                   "are accepted by this authorization server";

            context.Rejected(error: "unsupported_grant_type", description: message);

            return Task.FromResult<object>(null);
        }
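        // Grant-type gate for the token endpoint: only the resource owner password credentials (ROPC)
        // grant is accepted; every other grant type is rejected with "unsupported_grant_type".
        // NOTE(review): the request is validated without any visible client authentication, and ROPC
        // hands the user's password to the client application; confirm both are acceptable for this deployment.
        public override Task ValidateTokenRequest(ValidateTokenRequestContext context)
        {
            // Only allow resource owner credential flow
            if (!context.Request.IsPasswordGrantType())
            {
                context.Rejected(
                    error: "unsupported_grant_type",
                    description: "Only resource owner credentials " +
                    "are accepted by this authorization server");

                // Return right after rejecting. Without this return, execution falls through to
                // context.Validated() below, which is then called on a request that was just rejected
                // and would leave the grant-type restriction ineffective.
                return(Task.FromResult <object>(null));
            }

            // Password grant: mark the token request as validated.
            context.Validated();

            return(Task.FromResult <object>(null));
        }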