/// <summary> /// Check whether the specified refresh token is valid. /// </summary> /// <param name="context">The acess token endpoint specific context.</param> /// <returns>The task to check whether the specified authorization code is valid.</returns> /// <exception cref="ArgumentNullException">Specified <paramref name="context"/> is null.</exception> protected virtual async Task ValidateRefreshTokenAsync(TokenContext context) { Guard.ArgumentNotNull(context, nameof(context)); if (context.RefreshToken.HasExpired(SystemClock)) { context.Failed(OAuthErrors.InvalidGrant.RefreshTokenHasExpired); } if (!await OAuthGrantStore.VaidateRefreshTokenAsync(context.RefreshToken.Fingerprint)) { context.Failed(OAuthErrors.InvalidGrant.RefreshTokenIsRevoked); } }
/// <summary> /// Validates resource accessing context. /// </summary> /// <param name="context">The resource accessing context.</param> /// <returns> /// The task to validate the resource accessing context. /// </returns> public async Task ValidateResourceContextAsync(ResourceContext context) { Guard.ArgumentNotNull(context, nameof(context)); if (context.OAuthTicket.HasExpired(SystemClock)) { context.Failed(OAuthErrors.UnauthorizedClient.AccessTokenHasExpired); return; } if (!await OAuthGrantStore.VaidateAccessTokenAsync(context.OAuthTicket.Fingerprint)) { context.Failed(OAuthErrors.UnauthorizedClient.AccessTokenIsRevoked); return; } if (!context.ResourceEndpoint.Scopes.Intersect(context.OAuthTicket.Scopes).Any()) { context.Failed(OAuthErrors.UnauthorizedClient.UnauthorizedScopes); } }