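        // Validate the grant_type of an incoming token request.
        //
        // Only grant_type=password and grant_type=refresh_token are accepted; any
        // other grant type is answered with an "unsupported_grant_type" error.
        // For refresh_token requests the presented token must be present and exist
        // in the database, otherwise an "invalid_grant" error is returned
        // (RFC 6749 §5.2 reserves "invalid_client" for failed client authentication,
        // which is why the earlier "invalid_client" code was replaced here).
        //
        // NOTE(review): no client_id / client_secret is verified in this method.
        // context.Skip() accepts the request without authenticating the client
        // application, so the endpoint effectively serves public clients only —
        // confirm that is intended before using password grants with confidential clients.
        public override async Task ValidateTokenRequest(ValidateTokenRequestContext context)
        {
            var request = context.Request;

            // Reject every grant type other than password / refresh_token.
            if (!request.IsPasswordGrantType() && !request.IsRefreshTokenGrantType())
            {
                await WriteErrorResponseAsync(
                    context,
                    OpenIdConnectConstants.Errors.UnsupportedGrantType,
                    "Only grant_type=password or grant_type=refresh_token are accepted by this server.");
                return;
            }

            // For refresh_token grants the token must be present and known to the DB.
            // The null/empty guard avoids handing a missing token to the provider,
            // whose null-handling is not visible from here.
            if (request.IsRefreshTokenGrantType())
            {
                var refreshToken = request.RefreshToken;
                if (string.IsNullOrEmpty(refreshToken)
                    || !await DatabaseProvider.IsRefreshTokenExists(refreshToken))
                {
                    await WriteErrorResponseAsync(
                        context,
                        OpenIdConnectConstants.Errors.InvalidGrant,
                        "The specified refresh token is invalid.");
                    return;
                }
            }

            // Accept the request without client authentication (see NOTE above).
            context.Skip();
        }

        // Takes over the response (context.HandleResponse) and writes an OAuth 2.0
        // error object ({ "error": ..., "error_description": ... }) as an HTTP 400
        // JSON body. 'error' must be one of the OpenIdConnectConstants.Errors values
        // so that clients receive a standard error code.
        private static async Task WriteErrorResponseAsync(
            ValidateTokenRequestContext context, string error, string errorDescription)
        {
            context.HandleResponse();

            var response = context.HttpContext.Response;
            response.ContentType = "application/json";
            response.StatusCode  = 400;

            await response.WriteAsync(
                JsonConvert.SerializeObject(new
                {
                    error,
                    error_description = errorDescription
                }));
        }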