public AuthenticationConclusion conclude(TokenResponse tokenResp)
        {
            AuthenticationConclusion conclusion = new AuthenticationConclusion();
            conclusion.SessionUID = tokenResp.id_token.Claims.UserId;

            CST_Ops.recordme(this, tokenResp, conclusion, false, true);

            conclusion = pre_AuthDone(conclusion);
            if (AuthenticationDone(conclusion))
                return conclusion;
            return null;
        }
        public TokenResponse TokenEndpoint(TokenRequest req)
        {
            IDTokenAndAccessTokenEntry IDTokenAndAccessTokenEntry;
            TokenResponse resp = new TokenResponse();
            CST_Ops.recordme(this, req, resp, false, false);
            string IdPSessionSecret;
            if (req == null) return null;
            switch (req.grant_type)
            {
                case "authorization_code":
                    IdPSessionSecret = AuthorizationCodeRecs.findISSByClientIDAndCode(req.client_id/*, req.UserID*/, req.code);
                    if (IdPSessionSecret == null)
                        return null;
                    AuthorizationCodeEntry AuthCodeEntry = (AuthorizationCodeEntry)AuthorizationCodeRecs.getEntry(IdPSessionSecret, req.client_id);

                    if (AuthCodeEntry.Redir_dest != req.redirect_uri)
                        return null;

                    IDTokenAndAccessTokenEntry = (IDTokenAndAccessTokenEntry)createAccessTokenEntry(AuthCodeEntry.redirect_uri, AuthCodeEntry.scope, AuthCodeEntry.state);
                    if (IDTokenAndAccessTokenRecs.setEntry(req.access_token, req.client_id, AuthCodeEntry.UserID, IDTokenAndAccessTokenEntry) == false)
                        return null;

                    resp.access_token = IDTokenAndAccessTokenEntry.access_token;
                    resp.refresh_token = IDTokenAndAccessTokenEntry.refresh_token;
                    resp.scope = IDTokenAndAccessTokenEntry.scope;
                    resp.id_token = IDTokenAndAccessTokenEntry.id_token;
                    resp.id_token.Claims.UserId = AuthCodeEntry.UserID;
                    return resp;
            }
            return null;
        }
        public virtual TokenResponse callTokenEndpoint(TokenRequest req)
        {
            JsonDataStrcuture JsonDataStrcuture = new JsonDataStrcuture();

            string postContent = String.Format("client_id={0}&redirect_uri={1}&client_secret={2}&code={3}&grant_type=authorization_code",
                HttpUtility.UrlEncode(req.client_id),
                HttpUtility.UrlEncode(req.redirect_uri),
                HttpUtility.UrlEncode(client_secret),
                HttpUtility.UrlEncode(req.code),
                HttpUtility.UrlEncode(req.grant_type));

            HttpWebResponse response = HTTP.HTTPComm.HttpReq(TokenEndpointUrl, postContent, "POST");
            if (response != null)
            {
                DataContractJsonSerializer serializer = new DataContractJsonSerializer(typeof(JsonDataStrcuture));
                JsonDataStrcuture = serializer.ReadObject(response.GetResponseStream()) as JsonDataStrcuture;
                if (JsonDataStrcuture != null)
                {
                    TokenResponse TokenResponse = new TokenResponse();
                    if (TokenResponse.parseJasonDataStructure(JsonDataStrcuture, client_secret))
                    {
                        return TokenResponse;
                    }
                    else
                        return null;
                }
            }
            return null;
        }