private async Task SecurityTokenValidatedAsync(SecurityTokenValidatedNotification <OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> context)
{
context.AuthenticationTicket.Identity.AddClaim(new Claim("id_token", context.ProtocolMessage.IdToken));
context.AuthenticationTicket.Identity.AddClaim(new Claim("access_token", context.ProtocolMessage.AccessToken));
if (!string.IsNullOrEmpty(context.ProtocolMessage.RefreshToken))
{
context.AuthenticationTicket.Identity.AddClaim(new Claim("refresh_token", context.ProtocolMessage.RefreshToken));
}
FillNameIdentifierClaimOnIdentity(context.AuthenticationTicket.Identity);
if (_oktaMvcOptions.GetClaimsFromUserInfoEndpoint)
{
await _userInformationProvider.EnrichIdentityViaUserInfoAsync(context.AuthenticationTicket.Identity, context.ProtocolMessage.AccessToken).ConfigureAwait(false);
}
await _oktaMvcOptions.SecurityTokenValidated(context).ConfigureAwait(false);
}
