I made this method because the actual project was working with tokens in Header, and for my project I have to read the body (my token is in body). What I did was first checking if the token is under Authorization, if not check the body... But I´ve become the feedback that the best way to solve that is based on my Client, because im the only one reading the token from Body..
private string GetTokenFromHeader()
{
string value = _contextAccessor.HttpContext.Request.Headers["Authorization"];
if (value.IsNull()) //if null, check body.
return GoogleGetTokenFromBody(_contextAccessor);
return value.Substring(IdentityServerAuthenticationDefaults.AuthenticationScheme.Length + 1).Trim();
}
I have no clue how to filter a request by client name, has someone an idea or suggestion?