protected AccessTokenResponse TokenEndpoint(AccessTokenRequest req)
{
AccessTokenEntry AccessTokenEntry;
string IdPSessionSecret;
if (req == null)
{
return(null);
}
AccessTokenResponse resp = new AccessTokenResponse();
CST_Ops.recordme(this, req, resp);
switch (req.grant_type)
{
case "authorization_code":
IdPSessionSecret = AuthorizationCodeRecs.findISSByClientIDAndCode(req.client_id /*, req.UserID*/, req.code);
if (IdPSessionSecret == null)
{
return(null);
}
AuthorizationCodeEntry AuthCodeEntry = (AuthorizationCodeEntry)AuthorizationCodeRecs.getEntry(IdPSessionSecret, req.client_id);
if (AuthCodeEntry.redirect_uri != req.redirect_uri)
{
return(null);
}
AccessTokenEntry = createAccessTokenEntry(AuthCodeEntry.redirect_uri, AuthCodeEntry.scope, AuthCodeEntry.state);
if (AccessTokenRecs.setEntry(AccessTokenEntry.access_token, req.client_id, req.UserID, AccessTokenEntry) == false)
{
return(null);
}
resp.access_token = AccessTokenEntry.access_token;
resp.refresh_token = AccessTokenEntry.refresh_token;
resp.scope = AccessTokenEntry.scope;
return(resp);
case "refresh_token":
IdPSessionSecret = AccessTokenRecs.findISSByClientIDAndRefreshToken(req.client_id, req.UserID, req.code);
if (IdPSessionSecret == null)
{
return(null);
}
AccessTokenEntry = (AccessTokenEntry)AccessTokenRecs.getEntry(req.access_token, req.client_id, req.UserID);
AccessTokenEntry newAccessTokenEntry = createAccessTokenEntry(AccessTokenEntry.redirect_uri, AccessTokenEntry.scope, AccessTokenEntry.state);
if (AccessTokenRecs.setEntry(newAccessTokenEntry.access_token, req.client_id, req.UserID, newAccessTokenEntry) == false)
{
return(null);
}
resp.access_token = AccessTokenEntry.access_token;
resp.refresh_token = AccessTokenEntry.refresh_token;
resp.scope = AccessTokenEntry.scope;
return(resp);
default:
return(null);
}
}
public TokenResponse TokenEndpoint(TokenRequest req)
{
IDTokenAndAccessTokenEntry IDTokenAndAccessTokenEntry;
TokenResponse resp = new TokenResponse();
CST_Ops.recordme(this, req, resp, false, false);
string IdPSessionSecret;
if (req == null)
{
return(null);
}
switch (req.grant_type)
{
case "authorization_code":
IdPSessionSecret = AuthorizationCodeRecs.findISSByClientIDAndCode(req.client_id /*, req.UserID*/, req.code);
if (IdPSessionSecret == null)
{
return(null);
}
AuthorizationCodeEntry AuthCodeEntry = (AuthorizationCodeEntry)AuthorizationCodeRecs.getEntry(IdPSessionSecret, req.client_id);
if (AuthCodeEntry.Redir_dest != req.redirect_uri)
{
return(null);
}
IDTokenAndAccessTokenEntry = (IDTokenAndAccessTokenEntry)createAccessTokenEntry(AuthCodeEntry.redirect_uri, AuthCodeEntry.scope, AuthCodeEntry.state);
if (IDTokenAndAccessTokenRecs.setEntry(req.access_token, req.client_id, AuthCodeEntry.UserID, IDTokenAndAccessTokenEntry) == false)
{
return(null);
}
resp.access_token = IDTokenAndAccessTokenEntry.access_token;
resp.refresh_token = IDTokenAndAccessTokenEntry.refresh_token;
resp.scope = IDTokenAndAccessTokenEntry.scope;
resp.id_token = IDTokenAndAccessTokenEntry.id_token;
resp.id_token.Claims.UserId = AuthCodeEntry.UserID;
return(resp);
}
return(null);
}