public async Task <IActionResult> PostRevoke( [FromForm] RevocationRequest revocationRequest, CancellationToken cancellationToken) { // 1. Fetch the authorization header AuthenticationHeaderValue?authenticationHeaderValue = null; if (Request.Headers.TryGetValue(HeaderNames.Authorization, out var authorizationHeader)) { var authorizationHeaderValue = authorizationHeader.First(); var splittedAuthorizationHeaderValue = authorizationHeaderValue.Split(' '); if (splittedAuthorizationHeaderValue.Length == 2) { authenticationHeaderValue = new AuthenticationHeaderValue( splittedAuthorizationHeaderValue[0], splittedAuthorizationHeaderValue[1]); } } // 2. Revoke the token var issuerName = Request.GetAbsoluteUriWithVirtualPath(); var option = await _tokenActions.RevokeToken( revocationRequest.ToParameter(), authenticationHeaderValue, Request.GetCertificate(), issuerName, cancellationToken) .ConfigureAwait(false); return(option switch { Option.Success => new OkResult(), Option.Error e => BadRequest(e.Details), _ => throw new ArgumentOutOfRangeException() });
/// <summary> /// Check the parameters based on the RFC : http://openid.net/specs/openid-connect-core-1_0.html#TokenRequestValidation /// </summary> /// <param name="authorizationCodeGrantTypeParameter"></param> /// <param name="authenticationHeaderValue"></param> /// <param name="certificate"></param> /// <param name="issuerName"></param> /// <param name="cancellationToken">The <see cref="CancellationToken"/> for the async operation.</param> /// <returns></returns> private async Task <Option <ValidationResult> > ValidateParameter( AuthorizationCodeGrantTypeParameter authorizationCodeGrantTypeParameter, AuthenticationHeaderValue?authenticationHeaderValue, X509Certificate2?certificate, string issuerName, CancellationToken cancellationToken) { if (authorizationCodeGrantTypeParameter.Code == null) { return(new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidGrant, Detail = Strings.TheAuthorizationCodeIsNotCorrect }); } // 1. Authenticate the client var instruction = authenticationHeaderValue.GetAuthenticateInstruction( authorizationCodeGrantTypeParameter, certificate); var authResult = await _authenticateClient.Authenticate(instruction, issuerName, cancellationToken) .ConfigureAwait(false); var client = authResult.Client; if (client == null) { return(new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidClient, Detail = authResult.ErrorMessage ! });
public async Task <Option <GrantedToken> > GetTokenByTicketId( GetTokenViaTicketIdParameter parameter, AuthenticationHeaderValue?authenticationHeaderValue, X509Certificate2?certificate, string issuerName, CancellationToken cancellationToken) { if (string.IsNullOrWhiteSpace(parameter.Ticket)) { _logger.LogError("Ticket is null or empty"); return(new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidRequest, Detail = string.Format(Strings.MissingParameter, UmaConstants.RptClaims.Ticket) }); } var instruction = authenticationHeaderValue.GetAuthenticateInstruction(parameter, certificate); var authResult = await _authenticateClient.Authenticate(instruction, issuerName, cancellationToken) .ConfigureAwait(false); var client = authResult.Client; if (client == null) { _logger.LogError("Client not found."); return(new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidClient, Detail = authResult.ErrorMessage ! });
public async Task <TResult?> ExecuteApi <TResult>(HttpMethod method, string resourcePath, AuthenticationHeaderValue?authenticationHeader = null, object?data = null) where TResult : class { var url = GetUrl(resourcePath); var httpRequestMessage = new HttpRequestMessage(method, url); try { httpRequestMessage = AddDefaultHeaders(httpRequestMessage); httpRequestMessage = AddStringContent(httpRequestMessage, data); httpRequestMessage = AddAuthenticationHeader(httpRequestMessage, authenticationHeader); var httpResponse = await _client.SendAsync(httpRequestMessage); var resultContent = await httpResponse.Content.ReadAsStringAsync(); if (httpResponse.IsSuccessStatusCode) { if (string.IsNullOrWhiteSpace(resultContent)) { return new ErrorResult { IsSuccessStatusCode = false } } as TResult; var result = JsonConvert.DeserializeObject <TResult?>(resultContent, JsonUtils.StringEnumJsonSerializerSettings); return(result); }
public async Task <Option <GrantedToken> > GetTokenByClientCredentialsGrantType( ClientCredentialsGrantTypeParameter clientCredentialsGrantTypeParameter, AuthenticationHeaderValue?authenticationHeaderValue, X509Certificate2?certificate, string issuerName, CancellationToken cancellationToken) { if (string.IsNullOrWhiteSpace(clientCredentialsGrantTypeParameter.Scope)) { return(new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidRequest, Detail = string.Format(Strings.MissingParameter, StandardTokenRequestParameterNames.ScopeName) }); } // 1. Authenticate the client var instruction = authenticationHeaderValue.GetAuthenticateInstruction( clientCredentialsGrantTypeParameter, certificate); var authResult = await _authenticateClient.Authenticate(instruction, issuerName, cancellationToken) .ConfigureAwait(false); var client = authResult.Client; if (client == null) { return(new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidClient, Detail = authResult.ErrorMessage ! });
public async Task <Option <GrantedToken> > GetTokenByRefreshTokenGrantType( RefreshTokenGrantTypeParameter refreshTokenGrantTypeParameter, AuthenticationHeaderValue?authenticationHeaderValue, X509Certificate2?certificate, string issuerName, CancellationToken cancellationToken) { // Read this RFC for more information if (string.IsNullOrWhiteSpace(refreshTokenGrantTypeParameter.RefreshToken)) { return(new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidRequest, Detail = string.Format( Strings.MissingParameter, StandardTokenRequestParameterNames.RefreshToken) }); } return(await _getTokenByRefreshTokenGrantTypeAction.Execute( refreshTokenGrantTypeParameter, authenticationHeaderValue, certificate, issuerName, cancellationToken).ConfigureAwait(false)); }
/// <summary> /// Gets the result of the <see cref="HttpRequestMessage"/>. /// </summary> /// <typeparam name="T">The <see cref="Type"/> of data downloaded.</typeparam> /// <param name="request">The download request.</param> /// <param name="token">The authorization token for the request.</param> /// <param name="certificate">The <see cref="X509Certificate2"/> to include in request.</param> /// <param name="cancellationToken">The <see cref="CancellationToken"/> for the async operation.</param> /// <returns></returns> protected async Task <Option <T> > GetResult <T>( HttpRequestMessage request, AuthenticationHeaderValue?token, X509Certificate2?certificate = null, CancellationToken cancellationToken = default) where T : class { request = PrepareRequest(request, token, certificate); var result = await _client().SendAsync(request, cancellationToken).ConfigureAwait(false); #if NET5_0 var content = await result.Content.ReadAsStringAsync(cancellationToken).ConfigureAwait(false); #else var content = await result.Content.ReadAsStringAsync().ConfigureAwait(false); #endif if (result.IsSuccessStatusCode && result.StatusCode != HttpStatusCode.NoContent) { return(Serializer.Default.Deserialize <T>(content) !); } var genericResult = string.IsNullOrWhiteSpace(content) ? new ErrorDetails { Status = result.StatusCode } : Serializer.Default.Deserialize <ErrorDetails>(content); return(genericResult !); }
public static AuthenticateInstruction GetAuthenticateInstruction( this AuthenticationHeaderValue?authenticationHeaderValue, GrantTypeParameter?grantTypeParameter, X509Certificate2?certificate = null) { var result = grantTypeParameter == null ? new AuthenticateInstruction { Certificate = certificate } : new AuthenticateInstruction { ClientAssertion = grantTypeParameter.ClientAssertion, ClientAssertionType = grantTypeParameter.ClientAssertionType, ClientIdFromHttpRequestBody = grantTypeParameter.ClientId, ClientSecretFromHttpRequestBody = grantTypeParameter.ClientSecret, Certificate = certificate }; if (authenticationHeaderValue == null) { return(result); } if (!string.IsNullOrWhiteSpace(authenticationHeaderValue.Parameter) && string.Equals(authenticationHeaderValue.Scheme, "Basic", StringComparison.OrdinalIgnoreCase)) { var parameters = GetParameters(authenticationHeaderValue.Parameter); if (parameters.Length == 2) { result.ClientIdFromAuthorizationHeader = parameters[0]; result.ClientSecretFromAuthorizationHeader = parameters[1]; } } return(result); }
public async Task <Option> Execute( RevokeTokenParameter revokeTokenParameter, AuthenticationHeaderValue?authenticationHeaderValue, X509Certificate2?certificate, string issuerName, CancellationToken cancellationToken) { var refreshToken = revokeTokenParameter.Token; if (refreshToken == null) { _logger.LogError(Strings.TheRefreshTokenIsNotValid); return(new ErrorDetails { Detail = Strings.TheRefreshTokenIsNotValid, Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidToken }); } // 1. Check the client credentials var instruction = authenticationHeaderValue.GetAuthenticateInstruction(revokeTokenParameter, certificate); var authResult = await _authenticateClient.Authenticate(instruction, issuerName, cancellationToken) .ConfigureAwait(false); var client = authResult.Client; if (client == null) { _logger.LogError(authResult.ErrorMessage); return(new ErrorDetails { Detail = authResult.ErrorMessage !, Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidClient });
/// <summary> /// Initializes a new instance of the <see cref="TokenClient"/> class. /// </summary> /// <param name="credentials">The <see cref="TokenCredentials"/>.</param> /// <param name="client">The <see cref="HttpClient"/> for requests.</param> /// <param name="discoveryDocumentation">The metadata information.</param> public TokenClient(TokenCredentials credentials, Func <HttpClient> client, DiscoveryInformation discoveryDocumentation) : base(client) { _form = credentials; _client = client; _authorizationValue = credentials.AuthorizationValue; _certificate = credentials.Certificate; _discovery = discoveryDocumentation; }
public async Task <List <HelixGameRecord> > GetGameByIdAsync(string id, AuthenticationHeaderValue?authentication = null, CancellationToken cancelToken = default) { var response = await GetDataResponseAsync <HelixGameRecord>( Endpoints.Games, new[] { new KeyValuePair <string, string>(nameof(id), id) }, authentication, cancelToken).ConfigureAwait(false); return(response.Data); }
public async Task <List <HelixGameRecord> > GetGamesByIdsAsync( IEnumerable <string> ids, AuthenticationHeaderValue?authentication = null, CancellationToken cancelToken = default) { var response = await GetDataResponseAsync <HelixGameRecord>( Endpoints.Games, ids.Select(id => new KeyValuePair <string, string>(nameof(id), id)), authentication, cancelToken).ConfigureAwait(false); return(response.Data); }
public static bool TryParse([NotNullWhen(true)] string?input, [NotNullWhen(true)] out AuthenticationHeaderValue?parsedValue) { int index = 0; parsedValue = null; if (GenericHeaderParser.SingleValueAuthenticationParser.TryParseValue(input, null, ref index, out object?output)) { parsedValue = (AuthenticationHeaderValue)output !; return(true); } return(false); }
public void NullAuthenticationHeaderValue() { //Arrange var services = new ServiceCollection(); var productHeaderValue = GetProductHeaderValue(); AuthenticationHeaderValue?authenticationHeaderValue = null; //Act //Assett #pragma warning disable CS8604 // Possible null reference argument. Assert.Throws <ArgumentNullException>(() => services.AddGitHubApiStatusService(authenticationHeaderValue, productHeaderValue)); #pragma warning restore CS8604 // Possible null reference argument. }
static HttpRequestMessage CreateRequest(Uri requestUri, string?clientId, AuthenticationHeaderValue?authentication) { var msg = new HttpRequestMessage(HttpMethod.Get, requestUri); if (!(authentication is null)) { msg.Headers.Authorization = authentication; } if (!(clientId is null)) { msg.Headers.Add(HelixApiDefaults.ClientIdHeaderName, clientId); } return(msg); }
/// <summary> /// Initializes a new instance of the <see cref="TokenClient"/> class. /// </summary> /// <param name="credentials">The <see cref="TokenCredentials"/>.</param> /// <param name="client">The <see cref="HttpClient"/> for requests.</param> /// <param name="authority">The <see cref="Uri"/> of the discovery document.</param> public TokenClient(TokenCredentials credentials, Func <HttpClient> client, Uri authority) : base(client) { if (!authority.IsAbsoluteUri) { throw new ArgumentException( string.Format(ClientStrings.TheUrlIsNotWellFormed, authority)); } _form = credentials; _client = client; _authorizationValue = credentials.AuthorizationValue; _certificate = credentials.Certificate; _discoveryOperation = new GetDiscoveryOperation(authority, client); }
public async Task <IActionResult> PostToken( [FromForm] TokenRequest tokenRequest, CancellationToken cancellationToken) { var certificate = Request.GetCertificate(); if (tokenRequest.grant_type == null) { return(BadRequest( new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidRequest, Detail = string.Format(Strings.MissingParameter, RequestTokenNames.GrantType) })); } AuthenticationHeaderValue?authenticationHeaderValue = null; if (Request.Headers.TryGetValue(HeaderNames.Authorization, out var authorizationHeader)) { _ = AuthenticationHeaderValue.TryParse(authorizationHeader[0], out authenticationHeaderValue); } var issuerName = Request.GetAbsoluteUriWithVirtualPath(); var result = await GetGrantedToken( tokenRequest, authenticationHeaderValue, certificate, issuerName, cancellationToken) .ConfigureAwait(false); if (result is Option <GrantedToken> .Result r) { return(new OkObjectResult(r.Item.ToDto())); } var e = (Option <GrantedToken> .Error)result; _logger.LogError( "Could not issue token. {0} - {1} - {2}", e.Details.Title, e.Details.Detail, e.Details.Status); return(new BadRequestObjectResult(e.Details)); }
private static HttpRequestMessage PrepareRequest( HttpRequestMessage request, AuthenticationHeaderValue?authorizationHeaderValue, X509Certificate2?certificate = null) { request.Headers.Accept.Clear(); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue(JsonMimeType)); request.Headers.Authorization = authorizationHeaderValue; if (certificate != null) { var base64Encoded = Convert.ToBase64String(certificate.RawData); request.Headers.Add("X-ARR-ClientCert", base64Encoded); } return(request); }
public async Task <Option <GrantedToken> > GetTokenByResourceOwnerCredentialsGrantType( ResourceOwnerGrantTypeParameter resourceOwnerGrantTypeParameter, AuthenticationHeaderValue?authenticationHeaderValue, X509Certificate2?certificate, string issuerName, CancellationToken cancellationToken) { if (string.IsNullOrWhiteSpace(resourceOwnerGrantTypeParameter.UserName)) { return(new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidRequest, Detail = string.Format(Strings.MissingParameter, StandardTokenRequestParameterNames.UserName) }); } if (string.IsNullOrWhiteSpace(resourceOwnerGrantTypeParameter.Password)) { return(new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidRequest, Detail = string.Format( Strings.MissingParameter, StandardTokenRequestParameterNames.PasswordName) }); } if (string.IsNullOrWhiteSpace(resourceOwnerGrantTypeParameter.Scope)) { return(new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidRequest, Detail = string.Format(Strings.MissingParameter, StandardTokenRequestParameterNames.ScopeName) }); } return(await _getTokenByResourceOwnerCredentialsGrantType.Execute( resourceOwnerGrantTypeParameter, authenticationHeaderValue, certificate, issuerName, cancellationToken).ConfigureAwait(false)); }
private async Task <JObject> GetDataResponseJObjectAsync(Uri requestUri, AuthenticationHeaderValue?authentication = null, CancellationToken cancelToken = default) { using (var reqMsg = CreateRequest(requestUri, ClientId, authentication)) using (var respMsg = await httpClient.SendAsync(reqMsg, cancelToken) .ConfigureAwait(continueOnCapturedContext: false)) { if (!respMsg.Content.IsJson() && !respMsg.Content.IsText()) { throw new HttpRequestException($"Invalid Content-Type in response body: {respMsg.Content.Headers.ContentType}"); } using var respTxtReader = await respMsg.Content .ReadAsStreamReaderAsync().ConfigureAwait(false); using var respJsonReader = new JsonTextReader(respTxtReader); return(await JObject.LoadAsync(respJsonReader, cancelToken) .ConfigureAwait(continueOnCapturedContext: false)); }
public override bool Equals(object?obj) { AuthenticationHeaderValue?other = obj as AuthenticationHeaderValue; if (other == null) { return(false); } if (string.IsNullOrEmpty(_parameter) && string.IsNullOrEmpty(other._parameter)) { return(string.Equals(_scheme, other._scheme, StringComparison.OrdinalIgnoreCase)); } else { // Since we can't parse the parameter, we use case-sensitive comparison. return(string.Equals(_scheme, other._scheme, StringComparison.OrdinalIgnoreCase) && string.Equals(_parameter, other._parameter, StringComparison.Ordinal)); } }
/// <inheritdoc /> protected override async Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { var now = DateTimeOffset.Now; if (_authorizedUris == null) { throw new InvalidOperationException($"The '{nameof(CustomAuthorizationMessageHandler)}' is not configured. " + $"Call '{nameof(CustomAuthorizationMessageHandler.ConfigureHandler)}' and provide a list of endpoint urls to attach the token to."); } if (_authorizedUris.Any(uri => uri.IsBaseOf(request.RequestUri !))) { if (_lastToken == null || now >= _lastToken.Expires.AddMinutes(-5)) { var tokenResult = _tokenOptions != null ? await _provider.RequestAccessToken(_tokenOptions) : await _provider.RequestAccessToken(); if (tokenResult.TryGetToken(out var token)) { _lastToken = token; _cachedHeader = new AuthenticationHeaderValue("Bearer", _lastToken.Value); } else { _lastToken = null; _cachedHeader = null; } } if (_cachedHeader != null) { // We don't try to handle 401s and retry the request with a new token automatically since that would mean we need to copy the request // headers and buffer the body and we expect that the user instead handles the 401s. (Also, we can't really handle all 401s as we might // not be able to provision a token without user interaction). request.Headers.Authorization = _cachedHeader; } } return(await base.SendAsync(request, cancellationToken)); }
public async Task <Option <GrantedToken> > GetTokenByAuthorizationCodeGrantType( AuthorizationCodeGrantTypeParameter authorizationCodeGrantTypeParameter, AuthenticationHeaderValue?authenticationHeaderValue, X509Certificate2?certificate, string issuerName, CancellationToken cancellationToken) { var validation = Validate(authorizationCodeGrantTypeParameter); if (validation is Option.Error e) { return(e.Details); } return(await _getTokenByAuthorizationCodeGrantTypeAction.Execute( authorizationCodeGrantTypeParameter, authenticationHeaderValue, certificate, issuerName, cancellationToken).ConfigureAwait(false)); }
private async Task <OAuthToken> GetOAuthTokenAsync(HttpResponseMessage response, HttpRequestMessage unauthorizedRequest, CancellationToken cancellationToken = default) { AuthenticationHeaderValue?bearerHeader = response.Headers.WwwAuthenticate .AsEnumerable() .FirstOrDefault(header => header.Scheme == HttpBearerChallenge.Bearer); if (bearerHeader is null) { throw new AuthenticationException($"Bearer header not contained in unauthorized response from {response.RequestMessage?.RequestUri}"); } HttpBearerChallenge challenge = HttpBearerChallenge.Parse(bearerHeader.Parameter); Uri authenticateUri = new($"{challenge.Realm}?service={challenge.Service}&scope={challenge.Scope}"); HttpRequestMessage authenticateRequest = new(HttpMethod.Get, authenticateUri); authenticateRequest.Headers.Authorization = unauthorizedRequest.Headers.Authorization; cancellationToken.ThrowIfCancellationRequested(); response = await base.SendAsync(authenticateRequest, cancellationToken).ConfigureAwait(false); response.EnsureSuccessStatusCode(); cancellationToken.ThrowIfCancellationRequested(); #if NET5_0_OR_GREATER string tokenContent = await response.Content.ReadAsStringAsync(cancellationToken).ConfigureAwait(false); #else string tokenContent = await response.Content.ReadAsStringAsync().ConfigureAwait(false); #endif try { return(SafeJsonConvert.DeserializeObject <OAuthToken>(tokenContent)); } catch (JsonException e) { throw new SerializationException("Unable to deserialize the response.", tokenContent, e); } }
public async Task <Option <GrantedToken> > Execute( RefreshTokenGrantTypeParameter refreshTokenGrantTypeParameter, AuthenticationHeaderValue?authenticationHeaderValue, X509Certificate2?certificate, string issuerName, CancellationToken cancellationToken) { // 1. Try to authenticate the client var instruction = authenticationHeaderValue.GetAuthenticateInstruction( refreshTokenGrantTypeParameter, certificate); var authResult = await _authenticateClient.Authenticate(instruction, issuerName, cancellationToken) .ConfigureAwait(false); var client = authResult.Client; if (client == null) { return(new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidClient, Detail = authResult.ErrorMessage ! });
private TokenCredentials(Dictionary <string, string> form, AuthenticationHeaderValue?authorizationValue = null, X509Certificate2?certificate = null) { _form = form; AuthorizationValue = authorizationValue; Certificate = certificate; }
public static string DownloadToString(this IHttpChannel channel, string url, Encoding?encoding = default, AuthenticationHeaderValue?authenticationHeaderValue = null) { encoding = encoding ?? Encoding.UTF8; var request = channel.CreateRequest(url); if (authenticationHeaderValue != null) { request.Headers.Authorization = authenticationHeaderValue; } var result = SharedHttpClient.Value.SendAsync(request).Result; var contentAsString = result.Content.ReadAsStringAsync().Result; return(contentAsString); }
public static IHttpHeader DownloadHeader(this IHttpChannel channel, string url, AuthenticationHeaderValue?authenticationHeaderValue = null) { var request = channel.CreateRequest(url); if (authenticationHeaderValue != null) { request.Headers.Authorization = authenticationHeaderValue; } request.Method = HttpMethod.Head; var result = SharedHttpClient.Value.SendAsync(request).Result; var dict = result.Headers.ToDictionary(key => key.Key, v => v.Value.ToString() ?? ""); return(new HttpHeader(dict)); }
public DefaultHttpAuthHeaderFactory(AuthenticationHeaderValue?authHeader) { this.authHeaderFunc = () => Task.FromResult(authHeader); }
private async Task <Option <GrantedToken> > GetGrantedToken( TokenRequest tokenRequest, AuthenticationHeaderValue?authenticationHeaderValue, X509Certificate2?certificate, string issuerName, CancellationToken cancellationToken) { switch (tokenRequest.grant_type) { case GrantTypes.Device: return(await _tokenActions.GetTokenByDeviceGrantType( tokenRequest.client_id, tokenRequest.device_code, issuerName, cancellationToken).ConfigureAwait(false)); case GrantTypes.Password: var resourceOwnerParameter = tokenRequest.ToResourceOwnerGrantTypeParameter(); return(await _tokenActions.GetTokenByResourceOwnerCredentialsGrantType( resourceOwnerParameter, authenticationHeaderValue, certificate, issuerName, cancellationToken) .ConfigureAwait(false)); case GrantTypes.AuthorizationCode: var authCodeParameter = tokenRequest.ToAuthorizationCodeGrantTypeParameter(); return(await _tokenActions.GetTokenByAuthorizationCodeGrantType( authCodeParameter, authenticationHeaderValue, certificate, issuerName, cancellationToken) .ConfigureAwait(false)); case GrantTypes.RefreshToken: var refreshTokenParameter = tokenRequest.ToRefreshTokenGrantTypeParameter(); return(await _tokenActions.GetTokenByRefreshTokenGrantType( refreshTokenParameter, authenticationHeaderValue, certificate, issuerName, cancellationToken) .ConfigureAwait(false)); case GrantTypes.ClientCredentials: var clientCredentialsParameter = tokenRequest.ToClientCredentialsGrantTypeParameter(); return(await _tokenActions.GetTokenByClientCredentialsGrantType( clientCredentialsParameter, authenticationHeaderValue, certificate, issuerName, cancellationToken) .ConfigureAwait(false)); case GrantTypes.UmaTicket: var tokenIdParameter = tokenRequest.ToTokenIdGrantTypeParameter(); return(await _umaTokenActions.GetTokenByTicketId( tokenIdParameter, authenticationHeaderValue, certificate, issuerName, cancellationToken) .ConfigureAwait(false)); case GrantTypes.ValidateBearer: //return null; default: throw new ArgumentOutOfRangeException(nameof(tokenRequest)); } }