public async Task <ScopeResolutionResult> ResolveScopesAsync(string clientId, IEnumerable <string> scopes)
{
var authorizedParty = await _applicationManager.FindByClientIdAsync(clientId);
var authorizedPartyScopes = await _applicationManager.FindScopesAsync(authorizedParty);
var result = new List <ApplicationScope>();
string resourceName = null;
TApplication resourceApplication = null;
IEnumerable <string> resourceApplicationScopes = null;
foreach (var scope in scopes)
{
var(wellFormed, canonical, name, scopeValue) = ParseScope(scope);
if (!wellFormed)
{
return(ScopeResolutionResult.Invalid(_errorProvider.InvalidScope(scope)));
}
if (canonical && authorizedPartyScopes.Any(s => s.Equals(scope, StringComparison.Ordinal)))
{
result.Add(ApplicationScope.CanonicalScopes[scope]);
}
if (canonical)
{
// We purposely ignore canonical scopes not allowed by the client application.
continue;
}
resourceName = resourceName ?? name;
if (resourceName != null && !resourceName.Equals(name, StringComparison.Ordinal))
{
return(ScopeResolutionResult.Invalid(_errorProvider.MultipleResourcesNotSupported(resourceName, name)));
}
if (resourceApplicationScopes == null)
{
resourceApplication = await _applicationManager.FindByNameAsync(resourceName);
if (resourceApplication == null)
{
return(ScopeResolutionResult.Invalid(_errorProvider.InvalidScope(scope)));
}
resourceApplicationScopes = await _applicationManager.FindScopesAsync(resourceApplication);
}
if (!resourceApplicationScopes.Contains(scopeValue, StringComparer.Ordinal))
{
return(ScopeResolutionResult.Invalid(_errorProvider.InvalidScope(scope)));
}
else
{
var resourceClientId = await _applicationManager.GetApplicationClientIdAsync(resourceApplication);
result.Add(new ApplicationScope(resourceClientId, scopeValue));
}
}
return(ScopeResolutionResult.Valid(result));
}
