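/// <summary>
/// OAuth 2.0 token endpoint. Exchanges either an authorization code or
/// client credentials for a bearer access token.
/// </summary>
/// <param name="request">
/// Form-encoded token request (grant_type, client_id, client_secret, code, scope).
/// </param>
/// <returns>
/// A <see cref="Token"/> on success; otherwise an error object from
/// <see cref="ErrorObjectResultFactory"/> (InvalidClient, InvalidGrantType,
/// InvalidCode or InvalidScope).
/// </returns>
public ActionResult<Token> CreateToken([FromForm] TokenCreateRequest request)
{
    if (request.GrantType == GrantTypes.AuthorizationCode)
    {
        return CreateTokenFromAuthorizationCode(request);
    }

    if (request.GrantType == GrantTypes.ClientCredentials)
    {
        return CreateTokenFromClientCredentials(request);
    }

    // An unknown grant_type is a client error, not a server fault. The
    // previous implementation threw NotImplementedException here, which
    // surfaced as an unhandled 500. The factory exposes no dedicated
    // "unsupported_grant_type" result, so the closest available one is used.
    return ErrorObjectResultFactory.InvalidGrantType();
}

/// <summary>
/// Handles grant_type=authorization_code: validates the client and the code,
/// consumes the code and issues an access token for the code's account.
/// </summary>
/// <param name="request">The token request; ClientId and Code are required.</param>
/// <returns>A bearer <see cref="Token"/> or an error object.</returns>
private ActionResult<Token> CreateTokenFromAuthorizationCode(TokenCreateRequest request)
{
    if (string.IsNullOrEmpty(request.ClientId))
    {
        return ErrorObjectResultFactory.InvalidClient();
    }

    var application = _authorizeService.GetApplication(request.ClientId);
    if (application == null)
    {
        return ErrorObjectResultFactory.InvalidClient();
    }

    if (!application.GrantTypes.Contains(GrantTypes.AuthorizationCode))
    {
        return ErrorObjectResultFactory.InvalidGrantType();
    }

    // NOTE(review): this branch never authenticates the client. client_id is
    // public, so anyone holding a leaked code can redeem it with only the id.
    // For confidential clients the secret should be verified here (see
    // SecretsMatch), public clients need PKCE, and redirect_uri is not
    // validated at all. Confirm which of these the surrounding service or
    // middleware already enforces before relying on this endpoint.

    if (string.IsNullOrEmpty(request.Code))
    {
        return ErrorObjectResultFactory.InvalidCode();
    }

    var authorizationCode = _authorizeService.GetAuthorizationCode(request.Code);
    if (authorizationCode == null)
    {
        return ErrorObjectResultFactory.InvalidCode();
    }

    // A code is bound to the application it was issued to. Redeeming it under
    // a different client_id gets the same generic error as a missing code, so
    // the response does not confirm that the code exists.
    if (application.ApplicationId != authorizationCode.ApplicationId)
    {
        return ErrorObjectResultFactory.InvalidCode();
    }

    // Consume the code before minting the token so that a concurrent replay
    // of the same code cannot also obtain a token (codes are single-use,
    // RFC 6749 §4.1.2). Presumably GetAuthorizationCode already filters out
    // expired and already-used codes — TODO confirm; if it does not, that
    // check belongs here, before the token is created.
    _authorizeService.UseAuthorizationCode(request.Code);

    var accessToken = _authorizeService.CreateAccessToken(
        application.ApplicationId,
        authorizationCode.AccountId,
        null);

    return new Token
    {
        AccessToken = accessToken.TokenId,
        ExpiresIn = _appSetgings.AccessTokenExpiresIn,
        Scope = string.Join(' ', accessToken.Scopes),
        TokenType = "Bearer",
    };
}

/// <summary>
/// Handles grant_type=client_credentials: authenticates the client with its
/// secret, validates the requested scopes and issues an application token.
/// </summary>
/// <param name="request">The token request; ClientId and ClientSecret are required.</param>
/// <returns>A bearer <see cref="Token"/> or an error object.</returns>
private ActionResult<Token> CreateTokenFromClientCredentials(TokenCreateRequest request)
{
    if (string.IsNullOrEmpty(request.ClientId))
    {
        return ErrorObjectResultFactory.InvalidClient();
    }

    var application = _authorizeService.GetApplication(request.ClientId);

    // "Unknown client" and "wrong secret" deliberately share one error so the
    // response does not reveal which client_ids are registered. The previous
    // `application.ClientSecret != request.ClientSecret` also accepted
    // null == null, i.e. an application with no stored secret could be
    // authenticated by simply omitting client_secret; SecretsMatch rejects that.
    if (application == null || !SecretsMatch(application.ClientSecret, request.ClientSecret))
    {
        return ErrorObjectResultFactory.InvalidClient();
    }

    if (!application.GrantTypes.Contains(GrantTypes.ClientCredentials))
    {
        return ErrorObjectResultFactory.InvalidGrantType();
    }

    IList<string> scopes = new List<string>();
    if (!string.IsNullOrEmpty(request.Scope))
    {
        // scope is space-delimited per RFC 6749 §3.3; commas are tolerated for
        // lenient clients. Empty entries produced by doubled separators are
        // dropped rather than being rejected as an unknown scope.
        scopes = request.Scope.Split(new[] { ' ', ',' }, StringSplitOptions.RemoveEmptyEntries);

        // Every requested scope must be one the application is registered for;
        // scopes are never silently narrowed.
        foreach (var scope in scopes)
        {
            if (!application.Scopes.Contains(scope))
            {
                return ErrorObjectResultFactory.InvalidScope();
            }
        }
    }

    var accessToken = _authorizeService.CreateAccessToken(application.ApplicationId, scopes);

    return new Token
    {
        AccessToken = accessToken.TokenId,
        ExpiresIn = _appSetgings.AccessTokenExpiresIn,
        Scope = string.Join(' ', accessToken.Scopes),
        TokenType = "Bearer",
    };
}

/// <summary>
/// Compares the stored client secret with the one presented by the client in
/// constant time, so response timing does not leak how many leading
/// characters matched. A null or empty value on either side never matches.
/// </summary>
/// <param name="expected">The secret registered for the application.</param>
/// <param name="provided">The secret sent in the token request.</param>
/// <returns>True only when both are non-empty and byte-for-byte equal.</returns>
private static bool SecretsMatch(string expected, string provided)
{
    if (string.IsNullOrEmpty(expected) || string.IsNullOrEmpty(provided))
    {
        return false;
    }

    // NOTE(review): assumes the stored secret is directly comparable to what
    // the client sends, as the original `!=` comparison did — TODO confirm.
    // If secrets are stored hashed, this must become a hash verification.
    var expectedBytes = System.Text.Encoding.UTF8.GetBytes(expected);
    var providedBytes = System.Text.Encoding.UTF8.GetBytes(provided);

    // FixedTimeEquals returns false immediately on a length mismatch; that
    // only exposes the secret's length, not its content, which is acceptable.
    return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(expectedBytes, providedBytes);
}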