in wwauth/Google.Solutions.WWAuth/Adapters/StsAdapter.cs [91:142]
public async Task<TokenResponse> ExchangeTokenAsync(
ISubjectToken externalToken,
IList<string> scopes,
CancellationToken cancellationToken)
{
try
{
this.logger.Info(
"Exchanging token for audience '{0}'",
this.Audience);
using (var service = CreateService())
{
var response = await service.V1
.Token(
new GoogleIdentityStsV1ExchangeTokenRequest()
{
Audience = this.Audience,
GrantType = "urn:ietf:params:oauth:grant-type:token-exchange",
RequestedTokenType = "urn:ietf:params:oauth:token-type:access_token",
Scope = string.Join(" ", scopes),
SubjectTokenType = externalToken.Type.GetDescription(),
SubjectToken = externalToken.Value,
})
.WithCredentials<
Google.Apis.CloudSecurityToken.v1.V1Resource.TokenRequest,
GoogleIdentityStsV1ExchangeTokenResponse>(this.clientSecrets)
.ExecuteAsync(cancellationToken)
.ConfigureAwait(false);
this.logger.Info("Successfully exchanged token");
return new TokenResponse()
{
AccessToken = response.AccessToken,
ExpiresInSeconds = response.ExpiresIn,
TokenType = response.TokenType
};
}
}
catch (GoogleApiException e)
{
//
// Try to convert the exception.
//
var tokenException = TokenExchangeException.FromApiException(e);
this.logger.Error(tokenException, "{0}", tokenException.Message);
throw tokenException;
}
}