public async Task <IActionResult> Token([FromForm] TokenModel model) { if (ModelState.IsValid) { var clientIdentity = ClientIdentityHelper.GetClientIdentity(model, Request.Headers); var client = await _clientService.GetClient(clientIdentity); if (!ClientValidator.IsGrantTypeSupported(client, model.GrantType)) { // Client does not support grant type throw new SecurityException(); } return(model.GrantType switch { "client_credentials" => await GetTokenForClientCredentials(client), "authorization_code" => await GetTokenForAuthorizationCode(model, client), "refresh_token" => await GetTokenForRefreshToken(model, client), _ => throw new SecurityException($"Grant {model.GrantType} is not supported"), });