        /// <summary>
        /// Generates an access token for the request and writes it to the HTTP response.
        /// When the client's grant list contains the refresh-token grant, a refresh token
        /// is also generated, saved to the token store and returned with the access token.
        /// </summary>
        /// <param name="context">Current HTTP context; its response receives the token payload.</param>
        /// <param name="grantType">Grant type of the request, forwarded to the access-token generator.</param>
        /// <param name="client">Client the token is issued to; supplies the grant list and the refresh-token lifetime.</param>
        /// <param name="tokenRequestInfo">Request data providing the scope string and the user name.</param>
        /// <remarks>
        /// The refresh-token decision depends only on <c>client.Grants</c>; <paramref name="grantType"/>
        /// is not consulted in that branch. NOTE(review): confirm that callers do not reach this method
        /// for grant types that should not receive a refresh token (for example client credentials,
        /// RFC 6749 section 4.4.3). Scope and client validation are presumably done by the caller;
        /// nothing in this method checks the requested scopes - verify.
        /// </remarks>
        protected virtual async Task IssueTokenByRequestInfoAsync(HttpContext context, GrantType grantType, IClient client, TokenInfo tokenRequestInfo)
        {
            // The scope string from the request is split as-is; no filtering happens here.
            var requestedScopes = tokenRequestInfo.Scopes.Split(OAuth2Consts.Seperator_Scope);

            var accessToken = await _tokenGenerator.GenerateAccessTokenAsync(
                context: context,
                grantType: grantType,
                client: client,
                scopes: requestedScopes,
                username: tokenRequestInfo.UN);

            var refreshAllowed = client.Grants.Contains(OAuth2Consts.GrantType_RefreshToken);
            if (!refreshAllowed)
            {
                // Client is not configured for the refresh-token grant: access token only.
                await WriteTokenAsync(context.Response, accessToken, tokenRequestInfo.Scopes, client);
                return;
            }

            var newRefreshToken = await _tokenGenerator.GenerateRefreshTokenAsync();

            // Save first, so a store failure surfaces before the refresh token is sent to the client.
            await _tokenStore.SaveRefreshTokenAsync(newRefreshToken, tokenRequestInfo, client.RefreshTokenExpireSeconds);
            await WriteTokenAsync(context.Response, accessToken, tokenRequestInfo.Scopes, client, newRefreshToken);
        }