public object ExecuteTokenOperation(OAuth2Client client, ITokenService tokenService, string optionalCode)
{
// load the associated user for client credentials flow
var user = tokenService.GetClientCredentialsUser(client);
if (user == null)
{
return(new { error = "invalid principal", error_description = "Can't find the associated principal for client_credentials_flow" });
}
;
// give the custom implementation a chance to adapt the claims
var claims = tokenService.GetTokenClaims(user);
// issue the token
var issuedAccessToken = TokenIssueService.IssueToken(claims, tokenService.GetTokenIssuer(), tokenService.GetTokenAudience(), 1 * 60 * 60, client.ClientSecret);
// done
return(new
{
access_token = issuedAccessToken.TokenValue,
token_type = issuedAccessToken.TokenType,
expires_in = Convert.ToInt64((issuedAccessToken.Expires - DateTime.UtcNow).TotalSeconds).ToString()
});
}
public object ExecuteTokenOperation(OAuth2Client client, ITokenService tokenService, string optionalCode)
{
// consume the code
var user = tokenService.ConsumeCode(optionalCode);
if (user == null)
{
return(new { error = "invalid code", error_description = "the given code is invalid" });
}
;
// give the custom implementation a chance to adapt the claims
var claims = tokenService.GetTokenClaims(user);
// issue the token
var issuedAccessToken = TokenIssueService.IssueToken(claims, tokenService.GetTokenIssuer(), tokenService.GetTokenAudience(), 24 * 60 * 60, client.ClientSecret);
var issuedRefreshToken = TokenIssueService.IssueToken(claims, tokenService.GetTokenIssuer(), tokenService.GetTokenIssuer(), 6 * 30 * 24 * 60 * 60, client.ClientSecret);
// done
return(new
{
access_token = issuedAccessToken.TokenValue,
refresh_token = issuedRefreshToken.TokenValue,
token_type = issuedAccessToken.TokenType,
expires_in = Convert.ToInt64((issuedAccessToken.Expires - DateTime.UtcNow).TotalSeconds).ToString()
});
}
/// <summary>
/// We need to generate a token in this flow so just issue the JWT token for the given user
/// </summary>
/// <returns>The authorize operation.</returns>
/// <param name="user">User.</param>
/// <param name="client">Client.</param>
/// <param name="tokenService">TokenService.</param>
public Dictionary <string, string> ExecuteAuthorizeOperation(ClaimsPrincipal user, OAuth2Client client, ITokenService tokenService)
{
// give the custom implementation a chance to adapt the claims
var claims = tokenService.GetTokenClaims(user);
// issue the token
var issuedToken = TokenIssueService.IssueToken(claims, tokenService.GetTokenIssuer(), tokenService.GetTokenIssuer(), 24 * 60 * 60, client.ClientSecret);
// generate the result
var result = new Dictionary <string, string>();
result.Add("token_type", issuedToken.TokenType);
result.Add("access_token", issuedToken.TokenValue);
result.Add("expires_in", Convert.ToInt64((issuedToken.Expires - DateTime.UtcNow).TotalSeconds).ToString());
// done
return(result);
}
