public async Task ValidateAsync(ExtensionGrantValidationContext context)
{
_logger.LogDebug("Start token request validation");
if (context == null)
{
throw new ArgumentNullException(nameof(context));
}
var raw = context.Request.Raw;
var validatedRequest = new ValidatedTokenRequest
{
Raw = raw ?? throw new ArgumentNullException(nameof(raw)),
Options = _options
};
var customTokenRequestValidationContext = new CustomTokenRequestValidationContext()
{
Result = new TokenRequestValidationResult(validatedRequest)
};
await _arbitraryNoSubjectRequestValidator.ValidateAsync(customTokenRequestValidationContext);
if (customTokenRequestValidationContext.Result.IsError)
{
context.Result = new GrantValidationResult(TokenRequestErrors.InvalidRequest,
customTokenRequestValidationContext.Result.Error);
return;
}
// validate HTTP for clients
if (HttpMethods.IsPost(_httpContextAccessor.HttpContext.Request.Method) && _httpContextAccessor.HttpContext.Request.HasFormContentType)
{
// validate client
var clientResult = await _clientValidator.ValidateAsync(_httpContextAccessor.HttpContext);
if (!clientResult.IsError)
{
validatedRequest.SetClient(clientResult.Client);
}
}
/////////////////////////////////////////////
// check grant type
/////////////////////////////////////////////
var grantType = validatedRequest.Raw.Get(OidcConstants.TokenRequest.GrantType);
if (grantType.IsMissing())
{
LogError("Grant type is missing");
context.Result = new GrantValidationResult(TokenRequestErrors.UnsupportedGrantType);
return;
}
if (grantType.Length > _options.InputLengthRestrictions.GrantType)
{
LogError("Grant type is too long");
context.Result = new GrantValidationResult(TokenRequestErrors.UnsupportedGrantType);
return;
}
validatedRequest.GrantType = grantType;
context.Result = new GrantValidationResult();
}
public async Task ValidateAsync(ExtensionGrantValidationContext context)
{
_logger.LogDebug("Start token request validation");
if (context == null)
{
throw new ArgumentNullException(nameof(context));
}
var raw = context.Request.Raw;
_validatedRequest = new ValidatedTokenRequest
{
Raw = raw ?? throw new ArgumentNullException(nameof(raw)),
Options = _options
};
var customTokenRequestValidationContext = new CustomTokenRequestValidationContext()
{
Result = new TokenRequestValidationResult(_validatedRequest)
};
await _arbitraryNoSubjectRequestValidator.ValidateAsync(customTokenRequestValidationContext);
if (customTokenRequestValidationContext.Result.IsError)
{
context.Result = new GrantValidationResult(TokenRequestErrors.InvalidRequest,
customTokenRequestValidationContext.Result.Error);
return;
}
var clientResult = await _clientValidator.ValidateAsync(_httpContextAccessor.HttpContext);
if (!clientResult.IsError)
{
_validatedRequest.SetClient(clientResult.Client);
}
/////////////////////////////////////////////
// check grant type
/////////////////////////////////////////////
var grantType = _validatedRequest.Raw.Get(OidcConstants.TokenRequest.GrantType);
_validatedRequest.GrantType = grantType;
context.Result = new GrantValidationResult();
}