public async Task <TokenResponse> FetchTokenAsync(string userId, TokenRequest request,
CancellationToken taskCancellationToken)
{
// Add client id and client secret to requests.
request.ClientId = ClientSecrets.ClientId;
request.ClientSecret = ClientSecrets.ClientSecret;
try
{
var tokenResponse = await request.ExecuteAsync
(httpClient, TokenServerUrl, taskCancellationToken, Clock).ConfigureAwait(false);
return(tokenResponse);
}
catch (TokenResponseException ex)
{
// In case there is an exception during getting the token, we delete any user's token information from
// the data store if it's not a server-side error.
int statusCode = (int)(ex.StatusCode ?? (HttpStatusCode)0);
bool serverError = statusCode >= 500 && statusCode < 600;
if (!serverError)
{
// If not a server error, then delete the user token information.
// This is to guard against suspicious client-side behaviour.
await DeleteTokenAsync(userId, taskCancellationToken).ConfigureAwait(false);
}
throw;
}
}
internal async Task <TokenResponse> FetchTokenAsync(string userId, TokenRequest request,
CancellationToken taskCancellationToken)
{
// Add client id and client secret to requests.
request.ClientId = ClientSecrets.ClientId;
request.ClientSecret = ClientSecrets.ClientSecret;
TokenResponseException tokenException = null;
try
{
var tokenResponse = await request.ExecuteAsync
(httpClient, TokenServerUrl, taskCancellationToken, Clock).ConfigureAwait(false);
return(tokenResponse);
}
catch (TokenResponseException ex)
{
// In case there is an exception during getting the token, we delete any user's token information from
// the data store.
tokenException = ex;
}
await DeleteTokenAsync(userId, taskCancellationToken).ConfigureAwait(false);
throw tokenException;
}
