AccessToken is now a public class.

Resource Servers can now handle access tokens that are issued for a client's data (not a 3rd party resource owner's).
Client Identifiers are no longer included in access tokens for unauthenticated clients.

More work needed on IAccessTokenAnalyzer and the access token formatter.  We need to generalize the serialization itself so folks can use JWT, etc.
We also still need access token to have a host-defined map of claims.

Fixes #104
Fixes #102

0 files changed, 0 insertions, 0 deletions