public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
string clientId;
string clientSecret;
if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
{
return;
}
//如果用户未申请refreshtoken 不进行验证
var client = await _clientApp.Get(clientId);
if (client == null)
{
return;
}
if (client.Secret != clientSecret)
{
return;
}
context.OwinContext.Set <string>("as:client_id", clientId);
context.OwinContext.Set <string>("as:clientRefreshTokenLifeTime", client.RefreshTokenLifeTime.ToString());
context.Validated(clientId);
await base.ValidateClientAuthentication(context);
}
