This project has moved. For the latest updates, please go here.

Format OAuthAuthorizationServer JSON response

Jun 21, 2014 at 10:16 PM
Edited Jun 21, 2014 at 10:17 PM
I'm going to use the OAuthAuthorizationServer with an existing Web API 2 project. Today when I issue a request for a token in my authentication server I get the JSON response using the following format:
"access_token": "M63Z...wsH0g-EX",
"token_type": "bearer",
"expires_in": 3599,
"refresh_token": "d8508ad0-c2b1-45a0-8a3e-e94c4ec9a716"

But in my Web API project I use a camel case pattern for my variables name. Besides that I also have a custom Media-Type Formatter that adds a wrapper around the response. I'd like to keep this pattern on my authorization server and get a response like this:
"Meta": { //metadata info },
"Data": {
            "AccessToken": "M63Z...wsH0g-EX",
            "TokenType": "bearer",
            "ExpiresIn": 3599,
            "RefreshToken": "d8508ad0-c2b1-45a0-8a3e-e94c4ec9a716"
}

How can I format this JSON response?
Jun 22, 2014 at 11:16 AM
You can't do that: the OAuthAuthorizationServerMiddleware only returns specs-compatible responses (the OAuth2 specs explicitely state that "unless otherwise noted, all the protocol parameter names and values are case sensitive" : http://tools.ietf.org/html/rfc6749)

That said, thanks to Manfred, you can now add items to the code/token response using AuthorizationEndpointResponse and TokenEndpointResponse in IOAuthAuthorizationServerProvider. Take a look at https://katanaproject.codeplex.com/SourceControl/network/forks/manfredsteyer/Issue248Alternative/contribution/6651 to see how it works. While you can't replace the standard values (access_token, token_type, expires_in, refresh_token), you can add your "metadata" directly in the response.

Good luck.