/// <inheritdoc/>
public async Task <RequestTokenResponse> RequestTokenAsync(string clientId, string clientSecret, string requestTokenUrl, string redirectUrl, string code)
{
Validation.RejectNullOrEmpty(clientId, "clientId");
Validation.RejectNullOrEmpty(clientSecret, "clientSecret");
Validation.RejectNullOrEmpty(requestTokenUrl, "requestTokenUrl");
Validation.RejectNullOrEmpty(redirectUrl, "redirectUrl");
Validation.RejectNullOrEmpty(code, "code");
try
{
var encodedAuthentication = BasicAuthentication.Encode(clientId, clientSecret);
var formData = new List <BasicKeyValuePair>()
{
new BasicKeyValuePair(Parameters.AUTHENTICATION_REDIRECT_URI, redirectUrl),
new BasicKeyValuePair(Parameters.CODE, code),
new BasicKeyValuePair(Parameters.GRANT_TYPE, DefaultOptions.GRANT_TYPE)
};
RestResponse response = await _client.PostAsync(requestTokenUrl, encodedAuthentication, formData, null, null);
var tokenResponse = new RequestTokenResponse(response);
return(tokenResponse);
}
catch (Exception e) when(e is HttpRequestException || e is System.Net.WebException || e is TaskCanceledException)
{
throw new MobileConnectEndpointHttpException(e.Message, e);
}
}
/// <inheritdoc/>
public TokenValidationResult ValidateTokenResponse(RequestTokenResponse tokenResponse, string clientId, string issuer, string nonce, int?maxAge, JWKeyset keyset, string version)
{
if (tokenResponse?.ResponseData == null)
{
Log.Warning(() => $"Token was incomplete from issuer={issuer}");
return(TokenValidationResult.IncompleteTokenResponse);
}
TokenValidationResult result = TokenValidation.ValidateAccessToken(tokenResponse.ResponseData);
if (result != TokenValidationResult.Valid)
{
Log.Warning(() => $"Access token was invalid from issuer={issuer}");
return(result);
}
result = TokenValidation.ValidateIdToken(tokenResponse.ResponseData.IdToken, clientId, issuer, nonce, maxAge, keyset, version);
if (result != TokenValidationResult.Valid)
{
Log.Warning(() => $"IDToken was invalid from issuer={issuer} for reason={result}");
}
return(result);
}
