public virtual AccessTokenResponse SVX_MakeAccessTokenResponse(AccessTokenRequest req, AuthorizationCodeParams codeParamsHint) { // We should only get here with req.grant_type == // "authorization_code", so we don't have to worry about modeling // what IdP does in any other case. if (req.grant_type != "authorization_code") { return(SVX.VProgram_API.Nondet <AccessTokenResponse>()); } authorizationCodeGenerator.Verify(codeParamsHint, req.code); if (req.redirect_uri != codeParamsHint.redirect_uri) { throw new Exception("Authorization code RP mismatch"); } var tokenParams = new AccessTokenParams { userID = codeParamsHint.userID }; var token = accessTokenGenerator.Generate(tokenParams); return(new AccessTokenResponse { access_token = token }); }
public UserProfileResponse SVX_MakeUserProfileResponse(UserProfileRequest req, AccessTokenParams tokenParamsHint) { accessTokenGenerator.Verify(tokenParamsHint, req.access_token); return(CreateUserProfileResponse(tokenParamsHint.userID)); }