I was wondering if it is possible to implement with openiddict a delegation grant type similar to the one implemented here with Identity Server.
var result = await _validator.ValidateAccessTokenAsync(userToken);
if (result.IsError)
{
context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant);
return;
}
Is there any equivalent method to ValidateAccessTokenAsync in openiddict in order to validate the token and access some of its properties?
Implementation of standard token exchange is tracked by https://github.com/openiddict/openiddict-core/issues/1249.
In the meantime, you can override the default ValidateTokenParameter handler to work with your custom grant and extract the access token from the customer parameter you use:
Then, you can call the IOpenIddictServerDispatcher.DispatchAsync() method with an instance of ProcessAuthenticationContext to trigger an authentication event. If IsRejected is true, this means the token is not valid. Otherwise, you'll be able to access its claims principal.
