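/// <summary>
/// Registers the OAuth access-token endpoint at <c>POST /oauth/access_token/</c>.
/// The route binds the body to an <see cref="AccessTokenRequest"/>, asks the service to
/// validate it, and returns either an error response or the token response as JSON.
/// </summary>
/// <param name="service">Validates the token request and creates the access-token response.</param>
/// <param name="errorResponseBuilder">Builds the error payload from the validation error type.</param>
public AccessTokenModule(IAccessTokenEndPointService service, IErrorResponseBuilder errorResponseBuilder)
    : base("/oauth/access_token")
{
    // Every route in this module requires an authenticated caller.
    this.RequiresAuthentication();

    Post["/"] = parameters =>
    {
        var request = this.Bind<AccessTokenRequest>();

        // Open design questions carried over from the original author. Whether
        // service.ValidateRequest already covers them is not visible from this module:
        //   - always check that the grant type == "authorization_code" and answer with
        //     unsupported_grant_type otherwise?
        //   - verify that the authorization code was issued to the logged-in caller and
        //     nobody else
        //   - verify the redirect_uri
        //   - possibly verify that the code is still valid to use (time-to-live)
        var results = service.ValidateRequest(request, this.Context);

        if (!results.IsValid)
        {
            // NOTE(review): request.RedirectUri is caller-supplied and validation has just
            // failed; confirm AsErrorResponse does not redirect to an unverified URI.
            return Response.AsErrorResponse(errorResponseBuilder.Build(results.ErrorType, null), request.RedirectUri);
        }

        var response = service.CreateAccessTokenResponse(request, this.Context);

        // The token response must not be stored by browsers or intermediaries, so it is
        // sent with "Cache-Control: no-store" and "Pragma: no-cache", as the specification
        // requires for responses that carry tokens.
        return Response.AsJson(response)
            .WithHeader("Cache-Control", "no-store")
            .WithHeader("Pragma", "no-cache");
    };
}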
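/// <summary>
/// Wires up the OAuth access-token route (<c>POST /oauth/access_token/</c>): bind the
/// request, validate it through the service, then reply with an error response or with
/// the access-token response serialized as JSON.
/// </summary>
/// <param name="service">Service used to validate the request and to create the token response.</param>
/// <param name="errorResponseBuilder">Turns a validation error type into the error payload.</param>
public AccessTokenModule(IAccessTokenEndPointService service, IErrorResponseBuilder errorResponseBuilder)
    : base("/oauth/access_token")
{
    // Unauthenticated callers are rejected before any route handler runs.
    this.RequiresAuthentication();

    Post["/"] = parameters =>
    {
        var request = this.Bind<AccessTokenRequest>();

        // Checks the original author wanted here; this module delegates all validation to
        // service.ValidateRequest, so confirm there that each one is enforced:
        //   - grant type == "authorization_code", else an unsupported_grant_type error
        //   - the authorization code was issued to the logged-in caller and nobody else
        //   - the redirect_uri is verified
        //   - the code is still valid to use (time-to-live)
        var results = service.ValidateRequest(request, this.Context);

        if (!results.IsValid)
        {
            // NOTE(review): the redirect URI passed here comes straight from the failed
            // request; verify that AsErrorResponse never redirects to an unvalidated URI.
            var error = errorResponseBuilder.Build(results.ErrorType, null);
            return Response.AsErrorResponse(error, request.RedirectUri);
        }

        var response = service.CreateAccessTokenResponse(request, this.Context);

        // Responses that carry an access token must be marked non-cacheable
        // ("Cache-Control: no-store", "Pragma: no-cache") to comply with the specification.
        return Response.AsJson(response)
            .WithHeader("Cache-Control", "no-store")
            .WithHeader("Pragma", "no-cache");
    };
}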