/// <summary>
        /// Reads an access token to find out what data it authorizes access to.
        /// </summary>
        /// <param name="message">The message carrying the access token.</param>
        /// <param name="accessToken">The access token's serialized representation.</param>
        /// <returns>The deserialized, validated token.</returns>
        /// <exception cref="ProtocolException">Thrown if the access token is expired, invalid, or from an untrusted authorization server.</exception>
        public virtual AccessToken DeserializeAccessToken(IDirectedProtocolMessage message, string accessToken)
        {
            var accessTokenFormatter = AccessToken.CreateFormatter(this.AuthorizationServerPublicSigningKey, this.ResourceServerPrivateEncryptionKey);
            var token = new AccessToken();

            accessTokenFormatter.Deserialize(token, accessToken, message, Protocol.access_token);
            return(token);
        }
예제 #2
0
        /// <summary>
        /// Reads an access token to find out what data it authorizes access to.
        /// </summary>
        /// <param name="message">The message carrying the access token.</param>
        /// <param name="accessToken">The access token's serialized representation.</param>
        /// <returns>The deserialized, validated token.</returns>
        /// <exception cref="ProtocolException">Thrown if the access token is expired, invalid, or from an untrusted authorization server.</exception>
        public virtual AccessToken DeserializeAccessToken(IDirectedProtocolMessage message, string accessToken)
        {
            ErrorUtilities.VerifyProtocol(!string.IsNullOrEmpty(accessToken), ResourceServerStrings.MissingAccessToken);
            var accessTokenFormatter = AccessToken.CreateFormatter(this.AuthorizationServerPublicSigningKey, this.ResourceServerPrivateEncryptionKey);
            var token = new AccessToken();

            try {
                accessTokenFormatter.Deserialize(token, accessToken, message, Protocol.access_token);
            } catch (IOException ex) {
                throw new ProtocolException(ResourceServerStrings.InvalidAccessToken, ex);
            }

            return(token);
        }