brockallen
commented
10 years ago Given how AuthorizationServer is architected, I'd suggest swapping in a different IResourceOwnerCredentialValidation via the dependency injection system. You'd then need to use the current HTTP request to determine which implementation to use.
I have a scenario where I have two client apps looking to call the Authorization service for ResourceOwner flow. The only problem is that I would like them to have different Identity validation. I see in the Authorization service we can add multiple applications. Is it possible to assign a particular Identity provider to a particular Authorization server application?
Otherwise, I think I would need to forward some kind of header to the let the Identity provider know which validation strategy to take. I hope this makes sense.