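/// <summary>
/// Handle a request to the token endpoint and return the body of the prepared response.
/// </summary>
/// <remarks>
/// The 'code' and 'refresh_token' parameters are looked up by exact name, first in the form
/// and then in the query string. When both are present the nonce resolved for the refresh
/// token replaces the one resolved for the code.
/// Every exception raised inside the method, including the null-argument checks, is caught:
/// the method then returns null, sets <paramref name="responseHeaders"/> to null and stores
/// the exception message in _tokenError.
/// </remarks>
/// <param name="httpRequest">The current http request.</param>
/// <param name="rawUri">A System.Uri object containing information regarding the URL of the current request (only null-checked here).</param>
/// <param name="queryString">The collection of HTTP query string variables.</param>
/// <param name="form">The collection of form variables.</param>
/// <param name="headers">The collection of HTTP headers (only null-checked here).</param>
/// <param name="cookies">The collection of cookies sent by the client (only null-checked here).</param>
/// <param name="responseHeaders">The headers of the prepared response; null on failure.</param>
/// <param name="returnType">The type of response to return. Every value currently yields the response body.</param>
/// <returns>The body of the prepared token response if successful; else null.</returns>
private object CreateToken(HttpRequestBase httpRequest, Uri rawUri, NameValueCollection queryString,
    NameValueCollection form, NameValueCollection headers, HttpCookieCollection cookies,
    out System.Net.WebHeaderCollection responseHeaders, int returnType)
{
    OutgoingWebResponse outgoingWebResponse = null;
    AccessTokenSuccessResponse accessTokenSuccessResponse = null;
    IProtocolMessage message = null;
    string codeKey = null;
    string refreshToken = null;
    string clientID = null;
    string nonce = null;

    try
    {
        // Make sure that all the passed parameters are valid.
        // These checks stay inside the try block on purpose: callers receive null plus
        // _tokenError instead of an ArgumentNullException.
        if (httpRequest == null)
        {
            throw new ArgumentNullException("httpRequest");
        }
        if (rawUri == null)
        {
            throw new ArgumentNullException("rawUri");
        }
        if (queryString == null)
        {
            throw new ArgumentNullException("queryString");
        }
        if (form == null)
        {
            throw new ArgumentNullException("form");
        }
        if (headers == null)
        {
            throw new ArgumentNullException("headers");
        }
        if (cookies == null)
        {
            throw new ArgumentNullException("cookies");
        }

        // Set the cryptography key store values.
        // NOTE(review): these are written on the shared _authorizationServer object for every
        // request; if that object serves concurrent requests the values can interleave.
        // Confirm its lifetime.
        _authorizationServer.AuthorizationServerServices.CryptoKeyStore.ExpiryDateTime = DateTime.UtcNow.AddYears(1);
        _authorizationServer.AuthorizationServerServices.CryptoKeyStore.GetCodeKey = true;

        // Read the 'code' parameter by its exact name: form first, query string as fallback.
        // The previous suffix match (EndsWith("code")) treated unrelated keys such as
        // "zipcode" as a hit, which skipped the query string fallback, and it threw on a
        // null key in the form collection.
        // NOTE(review): RFC 6749 section 3.2 expects token requests as POST with the
        // parameters in the request body. Values carried in the query string commonly end up
        // in server and proxy logs; consider rejecting them there once no client relies on it.
        codeKey = form["code"] ?? queryString["code"];

        // If a code value exists.
        if (!String.IsNullOrEmpty(codeKey))
        {
            // Get the nonce data for the code value.
            nonce = _tokenStore.GetNonce(codeKey);
        }

        // Read the 'refresh_token' parameter the same way (exact name, form before query string).
        refreshToken = form["refresh_token"] ?? queryString["refresh_token"];

        // Pass a refresh token
        if (!String.IsNullOrEmpty(refreshToken))
        {
            string clientIdentifier = null;
            string clientSecret = null;

            // Get the refresh token data from the http request.
            // NOTE(review): the query string is handed to this helper as well. If it reads the
            // client secret from there, the secret is exposed to URL logging (RFC 6749
            // section 2.3.1 forbids client credentials in the request URI). Confirm.
            _oAuthAuthorizationServer.GetRefreshTokenData(queryString, form, out clientIdentifier, out clientSecret);

            // Get the nonce data for the refresh token; this replaces any nonce found for 'code'.
            nonce = _tokenStore.GetNonce(refreshToken, clientIdentifier, clientSecret);
        }

        // Handles an incoming request to the authorization server's token endpoint.
        // nonce is still null here when neither parameter was supplied.
        message = _authorizationServer.HandleTokenRequest(nonce, out clientID, out accessTokenSuccessResponse, httpRequest);

        // Set the cryptography key store values after finding the client identifier.
        _authorizationServer.AuthorizationServerServices.CryptoKeyStore.ClientIndetifier = clientID;

        // Build the outgoing response for the handled token request.
        outgoingWebResponse = _authorizationServer.HandleTokenRequestPrepareResponse(message);

        // Update the access token.
        if (accessTokenSuccessResponse != null && !String.IsNullOrEmpty(accessTokenSuccessResponse.AccessToken))
        {
            _tokenStore.UpdateAccessToken(accessTokenSuccessResponse.AccessToken, nonce, accessTokenSuccessResponse.RefreshToken);
        }

        // returnType 0 and every other value both produced the complete body, so the
        // switch with two identical branches is collapsed into a single return.
        responseHeaders = outgoingWebResponse.Headers;
        return outgoingWebResponse.Body;
    }
    catch (Exception ex)
    {
        // Get the current token errors.
        // NOTE(review): the exception itself is dropped here and only its message is kept.
        // Confirm the failure is logged elsewhere and that _tokenError is not returned to the
        // client unfiltered.
        responseHeaders = null;
        _tokenError = ex.Message;
        return null;
    }
}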