I'm trying to validate client id in ValidateClientAuthentication function. I'm using grant_type=password flow. Here is how I'm passing client_id in auth token request body.
Content-Type: application/x-www-form-urlencoded
grant_type=password&[email protected]&password=pwduser1&client_id=B36B-07DEAC802BEA
When I try to access ClientId for validating client id, it is always null.
if (context.ClientId != null)
{
//Set the client who initiated request is valid
context.Validated();
}
else
{
//reject access to application
context.Rejected();
context.SetError("Invalid client_id", "Client_id must present in the request header");
}
What is the right way to pass client id to token endpoint when grant_type=password?
Appreciate your help.
if your client_id
is passed as a form param, you'll have to get it by doing context.TryGetFormCredentials(out clientId, out clientSecret);
if your client_id
is passed as an Authorization
header, you can get it by doing context.TryGetBasicCredentials(out clientId, out clientSecret);
once you've got the client_id
from your request, do context.Validated(clientId)
, this will set your context.ClientId
property, this property will always be null until you've done context.Validated()
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With