/// <summary>
        /// Token-endpoint handler for the client-credentials flow: resolves the principal
        /// associated with <paramref name="client"/>, lets the token service adapt its claims
        /// and issues a single access token (no refresh token is produced here).
        /// </summary>
        /// <param name="client">Client whose <c>ClientSecret</c> is passed to the token issuer.</param>
        /// <param name="tokenService">Supplies the principal, the claims, the issuer and the audience.</param>
        /// <param name="optionalCode">Not read by this implementation.</param>
        /// <returns>
        /// An anonymous object: <c>error</c>/<c>error_description</c> when no principal is found,
        /// otherwise <c>access_token</c>, <c>token_type</c> and <c>expires_in</c> (seconds, as a string).
        /// </returns>
        public object ExecuteTokenOperation(OAuth2Client client, ITokenService tokenService, string optionalCode)
        {
            // NOTE(review): nothing in this method verifies the client's credentials; presumably
            // the caller has authenticated the client before dispatching here - confirm.
            var principal = tokenService.GetClientCredentialsUser(client);

            if (principal == null)
            {
                // NOTE(review): "invalid principal" is not one of the RFC 6749 section 5.2 error
                // codes; left as-is because callers may match on the literal.
                return new
                {
                    error = "invalid principal",
                    error_description = "Can't find the associated principal for client_credentials_flow"
                };
            }

            // the token service may add, drop or rewrite claims before they are put into the token
            var tokenClaims = tokenService.GetTokenClaims(principal);

            // one hour; presumably the issuer interprets this argument as a lifetime in seconds
            const int accessTokenLifetime = 1 * 60 * 60;

            // NOTE(review): the client secret is handed to the issuer, presumably as a symmetric
            // signing key. If so, every party that validates these tokens must hold the same
            // secret and could also mint tokens - confirm this matches the trust model.
            var issuer = tokenService.GetTokenIssuer();
            var audience = tokenService.GetTokenAudience();
            var accessToken = TokenIssueService.IssueToken(tokenClaims, issuer, audience, accessTokenLifetime, client.ClientSecret);

            // remaining lifetime measured against the current UTC clock
            var secondsLeft = Convert.ToInt64((accessToken.Expires - DateTime.UtcNow).TotalSeconds);

            return new
            {
                access_token = accessToken.TokenValue,
                token_type = accessToken.TokenType,
                expires_in = secondsLeft.ToString()
            };
        }
示例#2
        /// <summary>
        /// Token-endpoint handler that redeems a code: consumes <paramref name="optionalCode"/>,
        /// lets the token service adapt the resulting user's claims and issues an access token
        /// together with a refresh token.
        /// </summary>
        /// <param name="client">Client whose <c>ClientSecret</c> is passed to the token issuer.</param>
        /// <param name="tokenService">Consumes the code and supplies claims, issuer and audience.</param>
        /// <param name="optionalCode">The code to redeem.</param>
        /// <returns>
        /// An anonymous object: <c>error</c>/<c>error_description</c> when the code yields no user,
        /// otherwise <c>access_token</c>, <c>refresh_token</c>, <c>token_type</c> and
        /// <c>expires_in</c> (seconds, as a string).
        /// </returns>
        public object ExecuteTokenOperation(OAuth2Client client, ITokenService tokenService, string optionalCode)
        {
            // NOTE(review): ConsumeCode receives only the code, not the client, so this method
            // does not itself tie the code to the client it was issued for (nor to a
            // redirect_uri). Confirm that binding and single-use are enforced by the token
            // service or by the caller.
            var codeOwner = tokenService.ConsumeCode(optionalCode);

            if (codeOwner == null)
            {
                return new
                {
                    error = "invalid code",
                    error_description = "the given code is invalid"
                };
            }

            // the token service may add, drop or rewrite claims before they are put into the token
            var tokenClaims = tokenService.GetTokenClaims(codeOwner);

            // 24 hours and roughly six months; presumably lifetimes in seconds
            const int accessTokenLifetime = 24 * 60 * 60;
            const int refreshTokenLifetime = 6 * 30 * 24 * 60 * 60;

            var accessToken = TokenIssueService.IssueToken(
                tokenClaims,
                tokenService.GetTokenIssuer(),
                tokenService.GetTokenAudience(),
                accessTokenLifetime,
                client.ClientSecret);

            // NOTE(review): the refresh token carries the same claims and is issued with the same
            // client secret as the access token; only the lifetime and the audience argument (the
            // issuer itself) differ. Validators therefore need to check the audience, otherwise
            // the long-lived refresh token could be accepted where an access token is expected.
            var refreshToken = TokenIssueService.IssueToken(
                tokenClaims,
                tokenService.GetTokenIssuer(),
                tokenService.GetTokenIssuer(),
                refreshTokenLifetime,
                client.ClientSecret);

            // remaining access-token lifetime measured against the current UTC clock
            var secondsLeft = Convert.ToInt64((accessToken.Expires - DateTime.UtcNow).TotalSeconds);

            return new
            {
                access_token = accessToken.TokenValue,
                refresh_token = refreshToken.TokenValue,
                token_type = accessToken.TokenType,
                expires_in = secondsLeft.ToString()
            };
        }
        /// <summary>
        /// Authorize-endpoint handler for a flow that returns the token directly: adapts the
        /// claims of the already-authenticated <paramref name="user"/> and issues a JWT for them.
        /// </summary>
        /// <returns>
        /// A dictionary with <c>token_type</c>, <c>access_token</c> and <c>expires_in</c>
        /// (remaining seconds, as a string).
        /// </returns>
        /// <param name="user">Principal the token is issued for; not validated here.</param>
        /// <param name="client">Client whose <c>ClientSecret</c> is passed to the token issuer.</param>
        /// <param name="tokenService">Supplies the adapted claims and the issuer value.</param>
        public Dictionary<string, string> ExecuteAuthorizeOperation(ClaimsPrincipal user, OAuth2Client client, ITokenService tokenService)
        {
            // the token service may add, drop or rewrite claims before they are put into the token
            var tokenClaims = tokenService.GetTokenClaims(user);

            // 24 hours; presumably the issuer interprets this argument as a lifetime in seconds
            const int tokenLifetime = 24 * 60 * 60;

            // NOTE(review): the audience argument here is GetTokenIssuer(), whereas the access
            // tokens issued by the ExecuteTokenOperation implementations use GetTokenAudience().
            // If resource servers validate the audience, this token may be rejected or may be
            // indistinguishable from a refresh token - confirm whether this is intended.
            var token = TokenIssueService.IssueToken(
                tokenClaims,
                tokenService.GetTokenIssuer(),
                tokenService.GetTokenIssuer(),
                tokenLifetime,
                client.ClientSecret);

            // entries are added in the same order as before: type, value, remaining lifetime
            return new Dictionary<string, string>
            {
                { "token_type", token.TokenType },
                { "access_token", token.TokenValue },
                { "expires_in", Convert.ToInt64((token.Expires - DateTime.UtcNow).TotalSeconds).ToString() }
            };
        }