Explicitly getting access token and refresh token in OWIN Authorization Server?

I am using the latest OWIN Auth Server with MVC 5.2.2 and WebApi 2.2. To get access token and refresh token using resource owner password flow is very simple. But when my IOS and Android SDK send me the Facebeook(or any third party) access-token and then I will validate the access-token with Facebeook(or any third party) then I need to explicitly generate access token and refresh token and send them to client. How can I get access token and refresh token when I validate the Facebook access-token

Upvotes: 1

Views: 1610

Answers (1)

Taiseer Joudeh
Taiseer Joudeh

Reputation: 9043

after you validate your social provider external access token, you need to exchange this external access token with a local access token issues by your authorization server. All the details for this implementation can be found here: http://bitoftech.net/2014/08/11/asp-net-web-api-2-external-logins-social-logins-facebook-google-angularjs-app/

Upvotes: 1

Related Questions