/// <summary>
/// Decodes a serialized access token so the caller can see what data it grants access to.
/// </summary>
/// <param name="message">The protocol message in which the access token arrived.</param>
/// <param name="accessToken">The serialized form of the access token.</param>
/// <returns>The <see cref="AccessToken"/> populated by the formatter.</returns>
/// <exception cref="ProtocolException">
/// Documented as thrown when the access token is expired, invalid, or from an untrusted authorization server.
/// This method raises nothing itself, so any such exception would have to originate in the formatter.
/// </exception>
/// <remarks>
/// NOTE(review): <paramref name="accessToken"/> is handed to the formatter without a null/empty check,
/// and exceptions from <c>Deserialize</c> are not translated here. Confirm that every rejection path
/// surfaces as <see cref="ProtocolException"/>, so callers that catch it treat a bad token as a denial
/// rather than an unhandled fault.
/// </remarks>
public virtual AccessToken DeserializeAccessToken(IDirectedProtocolMessage message, string accessToken) {
    // The formatter is built from the authorization server's public signing key
    // and this resource server's private encryption key.
    var formatter = AccessToken.CreateFormatter(
        this.AuthorizationServerPublicSigningKey,
        this.ResourceServerPrivateEncryptionKey);

    // Deserialize fills in an empty token instance rather than returning a new one.
    var result = new AccessToken();
    formatter.Deserialize(result, accessToken, message, Protocol.access_token);

    return result;
}
/// <summary>
/// Decodes a serialized access token so the caller can see what data it grants access to.
/// </summary>
/// <param name="message">The protocol message in which the access token arrived.</param>
/// <param name="accessToken">The serialized form of the access token; must not be null or empty.</param>
/// <returns>The <see cref="AccessToken"/> populated by the formatter.</returns>
/// <exception cref="ProtocolException">
/// Thrown when deserialization fails with an <see cref="IOException"/>. Also documented as thrown when the
/// token is missing, expired, invalid, or from an untrusted authorization server.
/// </exception>
/// <remarks>
/// NOTE(review): only <see cref="IOException"/> is translated into <see cref="ProtocolException"/>; any other
/// exception type raised by <c>Deserialize</c> propagates unchanged. Confirm that the formatter reports
/// signature, decryption and expiry failures through one of those two types, so callers that catch
/// <see cref="ProtocolException"/> reject every bad token.
/// </remarks>
public virtual AccessToken DeserializeAccessToken(IDirectedProtocolMessage message, string accessToken) {
    // Refuse a missing token before any key material is touched.
    // VerifyProtocol presumably raises ProtocolException when the condition is false; confirm against ErrorUtilities.
    bool tokenSupplied = !string.IsNullOrEmpty(accessToken);
    ErrorUtilities.VerifyProtocol(tokenSupplied, ResourceServerStrings.MissingAccessToken);

    // The formatter is built from the authorization server's public signing key
    // and this resource server's private encryption key.
    var formatter = AccessToken.CreateFormatter(
        this.AuthorizationServerPublicSigningKey,
        this.ResourceServerPrivateEncryptionKey);

    // Deserialize fills in an empty token instance rather than returning a new one.
    var result = new AccessToken();
    try {
        formatter.Deserialize(result, accessToken, message, Protocol.access_token);
    } catch (IOException ioFailure) {
        // Surface a malformed token as a protocol-level rejection, keeping the original failure as the inner exception.
        throw new ProtocolException(ResourceServerStrings.InvalidAccessToken, ioFailure);
    }

    return result;
}