private HttpResponseMessage ProcessAuthorizationCodeRequest(ValidatedRequest validatedRequest)
{
Tracing.Information("Processing authorization code request");
var tokenService = new OidcTokenService(
ServerConfiguration.Global.IssuerUri,
ServerConfiguration.Keys.SigningCertificate);
var response = tokenService.CreateTokenResponse(validatedRequest.Grant, validatedRequest.Client.AccessTokenLifetime);
Grants.Delete(validatedRequest.Grant.GrantId);
if (validatedRequest.Grant.Scopes.Contains(OidcConstants.Scopes.OfflineAccess) &&
validatedRequest.Client.AllowRefreshToken)
{
var refreshToken = StoredGrant.CreateRefreshToken(
validatedRequest.Grant.ClientId,
validatedRequest.Grant.Subject,
validatedRequest.Grant.Scopes,
validatedRequest.Client.RefreshTokenLifetime);
Grants.Add(refreshToken);
response.RefreshToken = refreshToken.GrantId;
}
return Request.CreateTokenResponse(response);
}
private HttpResponseMessage ProcessAuthorizationCodeRequest(ValidatedRequest validatedRequest)
{
Tracing.Information("Processing authorization code request");
var tokenService = new OidcTokenService(
ServerConfiguration.Global.IssuerUri,
ServerConfiguration.Keys.SigningCertificate);
var response = tokenService.CreateTokenResponse(validatedRequest.Grant, validatedRequest.Client.AccessTokenLifetime);
Grants.Delete(validatedRequest.Grant.GrantId);
if (validatedRequest.Grant.Scopes.Contains(OidcConstants.Scopes.OfflineAccess) &&
validatedRequest.Client.AllowRefreshToken)
{
var refreshToken = StoredGrant.CreateRefreshToken(
validatedRequest.Grant.ClientId,
validatedRequest.Grant.Subject,
validatedRequest.Grant.Scopes,
validatedRequest.Client.RefreshTokenLifetime);
Grants.Add(refreshToken);
response.RefreshToken = refreshToken.GrantId;
}
return(Request.CreateTokenResponse(response));
}
private HttpResponseMessage ProcessRefreshTokenRequest(ValidatedRequest validatedRequest)
{
Tracing.Information("Processing refresh token request");
var tokenService = new OidcTokenService(ServerConfiguration.Global.IssuerUri, ServerConfiguration.Keys.SigningCertificate);
var response = tokenService.CreateTokenResponse(validatedRequest.Grant);
response.RefreshToken = validatedRequest.Grant.GrantId;
return Request.CreateTokenResponse(response);
}
private HttpResponseMessage ProcessRefreshTokenRequest(ValidatedRequest validatedRequest)
{
Tracing.Information("Processing refresh token request");
var tokenService = new OidcTokenService(
ServerConfiguration.Global.IssuerUri,
ServerConfiguration.Keys.SigningCertificate);
var response = tokenService.CreateTokenResponse(validatedRequest.Grant, validatedRequest.Client.AccessTokenLifetime);
response.RefreshToken = validatedRequest.Grant.GrantId;
return(Request.CreateTokenResponse(response));
}