/// <summary> /// The OAuth 2.0 token endpoint. /// </summary> /// <returns>The response to the Client.</returns> public string Post(AccessTokenRequest tokenRequest) { // only 'refresh' is implemented if (tokenRequest.grant_type == GRANT_REFRESH) { string refreshToken = this.Request.RequestUri.ParseQueryString()["refresh_token"]; AppAuthorization appAuth = OAuthTokenUtility.ValidateRefreshToken(tokenRequest.app_id, tokenRequest.app_secret, refreshToken); if (appAuth == null) { // invalid request return(Newtonsoft.Json.JsonConvert.SerializeObject(new ErrorMessage() { Type = "OAuthException", Message = "could not grant refreshed access token. please check your client id, client secret, and refresh token id (did it expire?)" })); } else { // create new access token AppAuthorization newAppAuth = OAuthTokenUtility.AccessTokenRefresh(appAuth); return(Newtonsoft.Json.JsonConvert.SerializeObject(new AccessTokenMessage() { access_token = newAppAuth.AuthToken, refresh_token = newAppAuth.RefreshToken, token_type = "bearer", expiration_utc = newAppAuth.AuthTokenExpiration, scope = newAppAuth.Scope })); } } if (tokenRequest.grant_type == GRANT_ACCESS) { // requesting an authorization token using a short lived auth code var authCode = this.Request.RequestUri.ParseQueryString()["code"]; return(Newtonsoft.Json.JsonConvert.SerializeObject(new ErrorMessage() { Type = "OAuthException", Message = "new access tokens not granted by this server" })); } return(Newtonsoft.Json.JsonConvert.SerializeObject(new ErrorMessage() { Type = "OAuthException", Message = "not a valid grant_type" })); }
/// <summary> /// this should validate the access token against the requesturi and method it is attempting to execute /// </summary> /// <param name="accessToken"></param> /// <returns></returns> private static bool IsAccessTokenValid(HttpRequestMessage request) { var accessToken = HttpUtility.UrlDecode(request.RequestUri.ParseQueryString()["access_token"]); return(OAuthTokenUtility.ValidateAccessToken(accessToken, request)); }