public async Task <OAuth2AccessToken> RequestTokenWithWithSiteTokenAsync(OAuth2Credential credential, X509Certificate2 certificate, string accessToken, string resourceId, string scope) { if (credential == null) { throw new ArgumentNullException("credential"); } if (certificate == null) { throw new ArgumentNullException("certificate"); } Dictionary <string, string> fields = new Dictionary <string, string>(); var clientId = certificate.GetRawCertData(); var random = new RNGCryptoServiceProvider(); var nonce = new byte[32]; random.GetBytes(nonce); var dataToSign = Utils.Append(new UTF8Encoding(false).GetBytes(accessToken), nonce); var signature = RsaUtils.RsaPkcs15Sha1_Sign(new ArraySegment <byte>(dataToSign), certificate); fields["grant_type"] = "urn:opcfoundation.org:oauth2:site_token"; fields["client_id"] = Convert.ToBase64String(clientId); fields["client_secret"] = Convert.ToBase64String(signature); fields["nonce"] = Convert.ToBase64String(nonce); fields["access_token"] = accessToken; if (!String.IsNullOrEmpty(credential.RedirectUrl)) { fields["redirect_uri"] = credential.RedirectUrl; } if (!String.IsNullOrEmpty(resourceId)) { fields["resource"] = resourceId; } if (!String.IsNullOrEmpty(scope)) { fields["scope"] = scope; } var url = new UriBuilder(credential.AuthorityUrl); url.Path += credential.TokenEndpoint; return(await RequestTokenAsync(url.Uri, fields)); }