The GrantValidationResult class models the outcome of grant validation for extensions grants and resource owner password grants.
It models either a successful validation result with claims (e.g. subject ID) or an invalid result with an error code and message, e.g.:
public class ExtensionGrantValidator : IExtensionGrantValidator
{
public Task ValidateAsync(ExtensionGrantValidationContext context)
{
// some validation steps
if (success)
{
context.Result = new GrantValidationResult(
subject: "818727",
authenticationMethod: "custom",
claims: extraClaims);
}
else
{
// custom error message
context.Result = new GrantValidationResult(
TokenRequestErrors.InvalidGrant,
"invalid custom credential");
}
return Task.CompletedTask;
}
}
It also allows passing additional custom values that will be included in the token response, e.g.:
context.Result = new GrantValidationResult(
subject: "818727",
authenticationMethod: "custom",
customResponse: new Dictionary<string, object>
{
{ "some_data", "some_value" }
});
This will result in the following token response:
{
"access_token": "...",
"token_type": "Bearer",
"expires_in": 360,
"some_data": "some_value"
}