diff options
Diffstat (limited to 'samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs')
| -rw-r--r-- | samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs b/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs index 0ea702d..b16b478 100644 --- a/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs +++ b/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs @@ -39,14 +39,14 @@ get { return MvcApplication.KeyNonceStore; } } - public AccessTokenParameters GetAccessTokenParameters(IAccessTokenRequest accessTokenRequestMessage) { - var parameters = new AccessTokenParameters(); + public AccessTokenResult CreateAccessToken(IAccessTokenRequest accessTokenRequestMessage) { + var accessToken = new AuthorizationServerAccessToken(); // Just for the sake of the sample, we use a short-lived token. This can be useful to mitigate the security risks // of access tokens that are used over standard HTTP. // But this is just the lifetime of the access token. The client can still renew it using their refresh token until // the authorization itself expires. - parameters.AccessTokenLifetime = TimeSpan.FromMinutes(2); + accessToken.Lifetime = TimeSpan.FromMinutes(2); // Also take into account the remaining life of the authorization and artificially shorten the access token's lifetime // to account for that if necessary. @@ -55,12 +55,13 @@ // For this sample, we assume just one resource server. // If this authorization server needs to mint access tokens for more than one resource server, // we'd look at the request message passed to us and decide which public key to return. - parameters.ResourceServerEncryptionKey = new RSACryptoServiceProvider(); - parameters.ResourceServerEncryptionKey.ImportParameters(ResourceServerEncryptionPublicKey); + accessToken.ResourceServerEncryptionKey = new RSACryptoServiceProvider(); + accessToken.ResourceServerEncryptionKey.ImportParameters(ResourceServerEncryptionPublicKey); - parameters.AccessTokenSigningKey = CreateRSA(); + accessToken.AccessTokenSigningKey = CreateRSA(); - return parameters; + var result = new AccessTokenResult(accessToken); + return result; } public IClientDescription GetClient(string clientIdentifier) { |