/// <summary>
/// Exchanges a resource owner's password credential for OAuth 2.0 refresh and access tokens.
/// </summary>
/// <param name="userName">The resource owner's username, as it is known by the authorization server.</param>
/// <param name="password">The resource owner's account password.</param>
/// <param name="scopes">The desired scope of access.</param>
/// <returns>The result, containing the tokens if successful.</returns>
public IAuthorizationState ExchangeUserCredentialForToken(string userName, string password, IEnumerable<string> scopes = null) {
Requires.NotNullOrEmpty(userName, "userName");
Requires.NotNull(password, "password");
var authorizationState = new AuthorizationState(scopes);
var request = new AccessTokenResourceOwnerPasswordCredentialsRequest(this.AuthorizationServer.TokenEndpoint, this.AuthorizationServer.Version) {
ClientIdentifier = this.ClientIdentifier,
ClientSecret = this.ClientSecret,
UserName = userName,
Password = password,
};
var response = this.Channel.Request(request);
var success = response as AccessTokenSuccessResponse;
var failure = response as AccessTokenFailedResponse;
ErrorUtilities.VerifyProtocol(success != null || failure != null, MessagingStrings.UnexpectedMessageReceivedOfMany);
if (success != null) {
UpdateAuthorizationWithResponse(authorizationState, success);
} else { // failure
Logger.OAuth.Info("Resource Owner credentials rejected by the Authorization Server.");
authorizationState.Delete();
}
return authorizationState;
}
/// <summary>
/// Exchanges a resource owner's password credential for OAuth 2.0 refresh and access tokens.
/// </summary>
/// <param name="userName">The resource owner's username, as it is known by the authorization server.</param>
/// <param name="password">The resource owner's account password.</param>
/// <param name="scopes">The desired scope of access.</param>
/// <param name="cancellationToken">The cancellation token.</param>
/// <returns>
/// The result, containing the tokens if successful.
/// </returns>
public Task<IAuthorizationState> ExchangeUserCredentialForTokenAsync(string userName, string password, IEnumerable<string> scopes = null, CancellationToken cancellationToken = default(CancellationToken)) {
Requires.NotNullOrEmpty(userName, "userName");
Requires.NotNull(password, "password");
var request = new AccessTokenResourceOwnerPasswordCredentialsRequest(this.AuthorizationServer.TokenEndpoint, this.AuthorizationServer.Version) {
RequestingUserName = userName,
Password = password,
};
return this.RequestAccessTokenAsync(request, scopes, cancellationToken);
}
/// <summary>
/// Exchanges a resource owner's password credential for OAuth 2.0 refresh and access tokens.
/// </summary>
/// <param name="userName">The resource owner's username, as it is known by the authorization server.</param>
/// <param name="password">The resource owner's account password.</param>
/// <param name="scopes">The desired scope of access.</param>
/// <returns>The result, containing the tokens if successful.</returns>
public IAuthorizationState ExchangeUserCredentialForToken(string userName, string password, IEnumerable<string> scopes = null) {
Requires.NotNullOrEmpty(userName, "userName");
Requires.NotNull(password, "password");
var request = new AccessTokenResourceOwnerPasswordCredentialsRequest(this.AuthorizationServer.TokenEndpoint, this.AuthorizationServer.Version) {
UserName = userName,
Password = password,
};
return this.RequestAccessToken(request, scopes);
}
