public override async Task ValidateAuthorizationRequest(ValidateAuthorizationRequestContext context) { _vService = context.HttpContext.RequestServices.GetRequiredService <ValidationService>(); if (!context.Request.IsAuthorizationCodeFlow() && !context.Request.IsImplicitFlow()) { context.Reject(OpenIdConnectConstants.Errors.UnsupportedResponseType, "Only authorization code, refresh token, and token grant types are accepted by this authorization server."); return; } var clientId = context.ClientId; var rdi = context.Request.RedirectUri; var state = context.Request.State; var scope = context.Request.Scope; if (string.IsNullOrWhiteSpace(clientId)) { context.Reject(OpenIdConnectConstants.Errors.InvalidClient, "client_id cannot be empty"); return; } if (string.IsNullOrWhiteSpace(rdi)) { context.Reject(OpenIdConnectConstants.Errors.InvalidClient, "redirect_uri cannot be empty"); return; } if (!await _vService.CheckClientIdIsValid(clientId)) { context.Reject(OpenIdConnectConstants.Errors.InvalidClient, "The supplied client id does not exist"); return; } if (!await _vService.CheckRedirectUriMatchesClientId(clientId, rdi)) { context.Reject(OpenIdConnectConstants.Errors.InvalidClient, "The supplied redirect uri is incorrect"); return; } if (!_vService.CheckScopesAreValid(scope)) { context.Reject(OpenIdConnectConstants.Errors.InvalidRequest, "One or all of the supplied scopes are invalid"); return; } context.Validate(); }