public virtual TokenResponse CreateTokenResponseFromAuthorizationCode(StoredGrant handle, IStoredGrantManager handleManager)
        {
            var resourceOwner = Principal.Create(
                "OAuth2",
                handle.ResourceOwner.ToClaims().ToArray());

            var validatedRequest = new ValidatedRequest
            {
                Client      = handle.Client,
                Application = handle.Application,
                Scopes      = handle.Scopes
            };

            var response = CreateTokenResponse(validatedRequest, resourceOwner);

            if (handle.CreateRefreshToken)
            {
                var refreshTokenHandle = StoredGrant.CreateRefreshTokenHandle(
                    resourceOwner.GetSubject(),
                    handle.Client,
                    handle.Application,
                    resourceOwner.Claims,
                    handle.Scopes,
                    handle.RefreshTokenExpiration.Value);

                handleManager.Add(refreshTokenHandle);
                response.RefreshToken = refreshTokenHandle.GrantId;
            }

            handleManager.Delete(handle.GrantId);

            return(response);
        }
        public virtual TokenResponse CreateTokenResponseFromAuthorizationCode(StoredGrant handle, IStoredGrantManager handleManager)
        {
            var resourceOwner = Principal.Create(
                "OAuth2",
                handle.ResourceOwner.ToClaims().ToArray());

            var validatedRequest = new ValidatedRequest
            {
                Client = handle.Client,
                Application = handle.Application,
                Scopes = handle.Scopes
            };

            var response = CreateTokenResponse(validatedRequest, resourceOwner);

            if (handle.CreateRefreshToken)
            {
                var refreshTokenHandle = StoredGrant.CreateRefreshTokenHandle(
                    resourceOwner.GetSubject(),
                    handle.Client,
                    handle.Application,
                    resourceOwner.Claims,
                    handle.Scopes,
                    handle.RefreshTokenExpiration.Value,
                    validatedRequest.Client.AllowRefreshToken && validatedRequest.Application.AllowRefreshToken);

                handleManager.Add(refreshTokenHandle);
                response.RefreshToken = refreshTokenHandle.GrantId;
            }
                
            handleManager.Delete(handle.GrantId);

            return response;
        }
        public virtual TokenResponse CreateTokenResponseFromRefreshToken(StoredGrant handle, IStoredGrantManager handleManager)
        {
            var resourceOwner = Principal.Create(
                "OAuth2",
                handle.ResourceOwner.ToClaims().ToArray());

            if (DateTime.UtcNow > handle.Expiration)
            {
                throw new InvalidOperationException("Refresh token has expired.");
            }

            var validatedRequest = new ValidatedRequest
            {
                Client = handle.Client,
                Application = handle.Application,
                Scopes = handle.Scopes,
            };

            var response = CreateTokenResponse(validatedRequest, resourceOwner);

            if (handle.CreateRefreshToken)
            {
                StoredGrant refreshTokenHandle;

                if (validatedRequest.Application.AllowSlidingRefreshTokenExpiration)
                {
                    var rememberTimeSpan = handle.Expiration.Subtract(handle.Created);
                    var newRefreshTokenExpiration = DateTime.UtcNow.Add(rememberTimeSpan);

                    refreshTokenHandle = StoredGrant.CreateRefreshTokenHandle(
                        resourceOwner.GetSubject(),
                        handle.Client,
                        handle.Application,
                        resourceOwner.Claims,
                        handle.Scopes,
                        newRefreshTokenExpiration,
                        createRefreshToken: validatedRequest.Client.AllowRefreshToken && validatedRequest.Application.AllowRefreshToken);
                }
                else
                {
                    refreshTokenHandle = StoredGrant.CreateRefreshTokenHandle(
                        resourceOwner.GetSubject(),
                        handle.Client,
                        handle.Application,
                        resourceOwner.Claims,
                        handle.Scopes,
                        handle.Expiration,
                        createRefreshToken: validatedRequest.Client.AllowRefreshToken && validatedRequest.Application.AllowRefreshToken);
                }

                response.RefreshToken = refreshTokenHandle.GrantId;

                handleManager.Add(refreshTokenHandle);
                handleManager.Delete(handle.GrantId);
            }
            else
            {
                response.RefreshToken = handle.GrantId;
            }    
            return response;
        }
        public virtual TokenResponse CreateTokenResponseFromRefreshToken(StoredGrant handle, IStoredGrantManager handleManager)
        {
            var resourceOwner = Principal.Create(
                "OAuth2",
                handle.ResourceOwner.ToClaims().ToArray());

            if (DateTime.UtcNow > handle.Expiration)
            {
                throw new InvalidOperationException("Refresh token has expired.");
            }

            var validatedRequest = new ValidatedRequest
            {
                Client      = handle.Client,
                Application = handle.Application,
                Scopes      = handle.Scopes,
            };

            var response = CreateTokenResponse(validatedRequest, resourceOwner);

            if (handle.CreateRefreshToken)
            {
                StoredGrant refreshTokenHandle;

                if (validatedRequest.Application.AllowSlidingRefreshTokenExpiration)
                {
                    var rememberTimeSpan          = handle.Expiration.Subtract(handle.Created);
                    var newRefreshTokenExpiration = DateTime.UtcNow.Add(rememberTimeSpan);

                    refreshTokenHandle = StoredGrant.CreateRefreshTokenHandle(
                        resourceOwner.GetSubject(),
                        handle.Client,
                        handle.Application,
                        resourceOwner.Claims,
                        handle.Scopes,
                        newRefreshTokenExpiration,
                        createRefreshToken: validatedRequest.Client.AllowRefreshToken && validatedRequest.Application.AllowRefreshToken);
                }
                else
                {
                    refreshTokenHandle = StoredGrant.CreateRefreshTokenHandle(
                        resourceOwner.GetSubject(),
                        handle.Client,
                        handle.Application,
                        resourceOwner.Claims,
                        handle.Scopes,
                        handle.Expiration,
                        createRefreshToken: validatedRequest.Client.AllowRefreshToken && validatedRequest.Application.AllowRefreshToken);
                }

                response.RefreshToken = refreshTokenHandle.GrantId;

                handleManager.Add(refreshTokenHandle);
                handleManager.Delete(handle.GrantId);
            }
            else
            {
                response.RefreshToken = handle.GrantId;
            }
            return(response);
        }