/// <summary>
        /// Is Valid OAuth 2.0 Access Token Response or OIDC Token Response.
        /// </summary>
        public static void Validate(this TokenResponse response, bool isOidc = false)
        {
            if (response == null)
            {
                new ArgumentNullException(nameof(response));
            }

            if (!response.Error.IsNullOrEmpty())
            {
                throw new ResponseErrorException(response.Error, $"{response.GetTypeName()}, {response.ErrorDescription}");
            }

            if (!isOidc && response.AccessToken.IsNullOrEmpty())
            {
                throw new ArgumentNullException(nameof(response.AccessToken), response.GetTypeName());
            }
            if (response.TokenType.IsNullOrEmpty())
            {
                throw new ArgumentNullException(nameof(response.TokenType), response.GetTypeName());
            }
            if (isOidc && response.IdToken.IsNullOrEmpty())
            {
                throw new ArgumentNullException(nameof(response.IdToken), response.GetTypeName());
            }

            response.IdToken.ValidateMaxLength(IdentityConstants.MessageLength.IdTokenMax, nameof(response.IdToken), response.GetTypeName());
            response.AccessToken.ValidateMaxLength(IdentityConstants.MessageLength.AccessTokenMax, nameof(response.AccessToken), response.GetTypeName());
            response.TokenType.ValidateMaxLength(IdentityConstants.MessageLength.TokenTypeMax, nameof(response.TokenType), response.GetTypeName());
            response.RefreshToken.ValidateMaxLength(IdentityConstants.MessageLength.RefreshTokenMax, nameof(response.RefreshToken), response.GetTypeName());
            response.Scope.ValidateMaxLength(IdentityConstants.MessageLength.ScopeMax, nameof(response.Scope), response.GetTypeName());
        }