public virtual async Task <OAuthClient> GetClient(string clientId, HandlerContext handlerContext, CancellationToken cancellationToken)
{
var accessToken = handlerContext.Request.GetToken(AutenticationSchemes.Bearer, AutenticationSchemes.Basic);
if (string.IsNullOrWhiteSpace(accessToken))
{
Logger.LogError("access token is missing");
throw new OAuthUnauthorizedException(ErrorCodes.INVALID_TOKEN, ErrorMessages.MISSING_ACCESS_TOKEN);
}
var clients = await OAuthClientQueryRepository.Find(new Persistence.Parameters.SearchClientParameter
{
RegistrationAccessToken = accessToken
}, cancellationToken);
if (!clients.Content.Any())
{
Logger.LogError($"access token '{accessToken}' is invalid");
throw new OAuthUnauthorizedException(ErrorCodes.INVALID_TOKEN, ErrorMessages.BAD_ACCESS_TOKEN);
}
var client = clients.Content.First();
if (client.ClientId != clientId)
{
client.RegistrationAccessToken = null;
await OAuthClientCommandRepository.Update(client, cancellationToken);
await OAuthClientCommandRepository.SaveChanges(cancellationToken);
Logger.LogError($"access token '{accessToken}' can be used for the client '{client.ClientId}' and not for the client '{clientId}'");
throw new OAuthUnauthorizedException(ErrorCodes.INVALID_TOKEN, string.Format(ErrorMessages.ACCESS_TOKEN_VALID_CLIENT, client.ClientId, clientId));
}
return(client);
}
