Introduce new constants

samples/Mvc.Server/Controllers/UserinfoController.cs

@@ -31,7 +31,7 @@ namespace Mvc.Server.Controllers
             {
                 return BadRequest(new OpenIdConnectResponse
                 {
-                    Error = OpenIdConnectConstants.Errors.InvalidGrant,
+                    Error = OpenIddictConstants.Errors.InvalidGrant,
                     ErrorDescription = "The user profile is no longer available."
                 });
             }
@@ -39,21 +39,21 @@ namespace Mvc.Server.Controllers
             var claims = new JObject();
 
             // Note: the "sub" claim is a mandatory claim and must be included in the JSON response.
-            claims[OpenIdConnectConstants.Claims.Subject] = await _userManager.GetUserIdAsync(user);
+            claims[OpenIddictConstants.Claims.Subject] = await _userManager.GetUserIdAsync(user);
 
-            if (User.HasClaim(OpenIdConnectConstants.Claims.Scope, OpenIdConnectConstants.Scopes.Email))
+            if (User.HasClaim(OpenIddictConstants.Claims.Scope, OpenIddictConstants.Scopes.Email))
             {
-                claims[OpenIdConnectConstants.Claims.Email] = await _userManager.GetEmailAsync(user);
+                claims[OpenIddictConstants.Claims.Email] = await _userManager.GetEmailAsync(user);
-                claims[OpenIdConnectConstants.Claims.EmailVerified] = await _userManager.IsEmailConfirmedAsync(user);
+                claims[OpenIddictConstants.Claims.EmailVerified] = await _userManager.IsEmailConfirmedAsync(user);
             }
 
-            if (User.HasClaim(OpenIdConnectConstants.Claims.Scope, OpenIdConnectConstants.Scopes.Phone))
+            if (User.HasClaim(OpenIddictConstants.Claims.Scope, OpenIddictConstants.Scopes.Phone))
             {
-                claims[OpenIdConnectConstants.Claims.PhoneNumber] = await _userManager.GetPhoneNumberAsync(user);
+                claims[OpenIddictConstants.Claims.PhoneNumber] = await _userManager.GetPhoneNumberAsync(user);
-                claims[OpenIdConnectConstants.Claims.PhoneNumberVerified] = await _userManager.IsPhoneNumberConfirmedAsync(user);
+                claims[OpenIddictConstants.Claims.PhoneNumberVerified] = await _userManager.IsPhoneNumberConfirmedAsync(user);
             }
 
-            if (User.HasClaim(OpenIdConnectConstants.Claims.Scope, OpenIddictConstants.Scopes.Roles))
+            if (User.HasClaim(OpenIddictConstants.Claims.Scope, OpenIddictConstants.Scopes.Roles))
             {
                 claims[OpenIddictConstants.Claims.Roles] = JArray.FromObject(await _userManager.GetRolesAsync(user));
             }

samples/Mvc.Server/Startup.cs

@@ -48,9 +48,9 @@ namespace Mvc.Server
             // which saves you from doing the mapping in your authorization controller.
             services.Configure<IdentityOptions>(options =>
             {
-                options.ClaimsIdentity.UserNameClaimType = OpenIdConnectConstants.Claims.Name;
+                options.ClaimsIdentity.UserNameClaimType = OpenIddictConstants.Claims.Name;
-                options.ClaimsIdentity.UserIdClaimType = OpenIdConnectConstants.Claims.Subject;
+                options.ClaimsIdentity.UserIdClaimType = OpenIddictConstants.Claims.Subject;
-                options.ClaimsIdentity.RoleClaimType = OpenIdConnectConstants.Claims.Role;
+                options.ClaimsIdentity.RoleClaimType = OpenIddictConstants.Claims.Role;
             });
 
             services.AddAuthentication()
@@ -97,8 +97,8 @@ namespace Mvc.Server
                            .AllowRefreshTokenFlow();
 
                     // Mark the "email", "profile" and "roles" scopes as supported scopes.
-                    options.RegisterScopes(OpenIdConnectConstants.Scopes.Email,
+                    options.RegisterScopes(OpenIddictConstants.Scopes.Email,
-                                           OpenIdConnectConstants.Scopes.Profile,
+                                           OpenIddictConstants.Scopes.Profile,
                                            OpenIddictConstants.Scopes.Roles);
 
                     // When request caching is enabled, authorization and logout requests

src/OpenIddict.Abstractions/OpenIddictConstants.cs

@@ -123,6 +123,61 @@ namespace OpenIddict.Abstractions
             public const string ConcurrencyError = "concurrency_error";
         }
 
+        public static class GrantTypes
+        {
+            public const string AuthorizationCode = "authorization_code";
+            public const string ClientCredentials = "client_credentials";
+            public const string Implicit = "implicit";
+            public const string Password = "password";
+            public const string RefreshToken = "refresh_token";
+        }
+
+        public static class Metadata
+        {
+            public const string AcrValuesSupported = "acr_values_supported";
+            public const string AuthorizationEndpoint = "authorization_endpoint";
+            public const string ClaimsLocalesSupported = "claims_locales_supported";
+            public const string ClaimsParameterSupported = "claims_parameter_supported";
+            public const string ClaimsSupported = "claims_supported";
+            public const string ClaimTypesSupported = "claim_types_supported";
+            public const string CodeChallengeMethodsSupported = "code_challenge_methods_supported";
+            public const string DisplayValuesSupported = "display_values_supported";
+            public const string EndSessionEndpoint = "end_session_endpoint";
+            public const string GrantTypesSupported = "grant_types_supported";
+            public const string IdTokenEncryptionAlgValuesSupported = "id_token_encryption_alg_values_supported";
+            public const string IdTokenEncryptionEncValuesSupported = "id_token_encryption_enc_values_supported";
+            public const string IdTokenSigningAlgValuesSupported = "id_token_signing_alg_values_supported";
+            public const string IntrospectionEndpoint = "introspection_endpoint";
+            public const string IntrospectionEndpointAuthMethodsSupported = "introspection_endpoint_auth_methods_supported";
+            public const string IntrospectionEndpointAuthSigningAlgValuesSupported = "introspection_endpoint_auth_signing_alg_values_supported";
+            public const string Issuer = "issuer";
+            public const string JwksUri = "jwks_uri";
+            public const string OpPolicyUri = "op_policy_uri";
+            public const string OpTosUri = "op_tos_uri";
+            public const string RequestObjectEncryptionAlgValuesSupported = "request_object_encryption_alg_values_supported";
+            public const string RequestObjectEncryptionEncValuesSupported = "request_object_encryption_enc_values_supported";
+            public const string RequestObjectSigningAlgValuesSupported = "request_object_signing_alg_values_supported";
+            public const string RequestParameterSupported = "request_parameter_supported";
+            public const string RequestUriParameterSupported = "request_uri_parameter_supported";
+            public const string RequireRequestUriRegistration = "require_request_uri_registration";
+            public const string ResponseModesSupported = "response_modes_supported";
+            public const string ResponseTypesSupported = "response_types_supported";
+            public const string RevocationEndpoint = "revocation_endpoint";
+            public const string RevocationEndpointAuthMethodsSupported = "revocation_endpoint_auth_methods_supported";
+            public const string RevocationEndpointAuthSigningAlgValuesSupported = "revocation_endpoint_auth_signing_alg_values_supported";
+            public const string ScopesSupported = "scopes_supported";
+            public const string ServiceDocumentation = "service_documentation";
+            public const string SubjectTypesSupported = "subject_types_supported";
+            public const string TokenEndpoint = "token_endpoint";
+            public const string TokenEndpointAuthMethodsSupported = "token_endpoint_auth_methods_supported";
+            public const string TokenEndpointAuthSigningAlgValuesSupported = "token_endpoint_auth_signing_alg_values_supported";
+            public const string UiLocalesSupported = "ui_locales_supported";
+            public const string UserinfoEncryptionAlgValuesSupported = "userinfo_encryption_alg_values_supported";
+            public const string UserinfoEncryptionEncValuesSupported = "userinfo_encryption_enc_values_supported";
+            public const string UserinfoEndpoint = "userinfo_endpoint";
+            public const string UserinfoSigningAlgValuesSupported = "userinfo_signing_alg_values_supported";
+        }
+
         public static class Parameters
         {
             public const string AccessToken = "access_token";
@@ -241,6 +296,21 @@ namespace OpenIddict.Abstractions
             public const string String = "#public_string";
         }
 
+        public static class ResponseModes
+        {
+            public const string FormPost = "form_post";
+            public const string Fragment = "fragment";
+            public const string Query = "query";
+        }
+
+        public static class ResponseTypes
+        {
+            public const string Code = "code";
+            public const string IdToken = "id_token";
+            public const string None = "none";
+            public const string Token = "token";
+        }
+
         public static class Separators
         {
             public const string Space = " ";

src/OpenIddict.Server/Internal/OpenIddictServerInitializer.cs

@@ -7,7 +7,6 @@
 using System;
 using System.Linq;
 using System.Text;
-using AspNet.Security.OpenIdConnect.Primitives;
 using AspNet.Security.OpenIdConnect.Server;
 using JetBrains.Annotations;
 using Microsoft.AspNetCore.Authentication;
@@ -15,6 +14,7 @@ using Microsoft.AspNetCore.DataProtection;
 using Microsoft.Extensions.Caching.Distributed;
 using Microsoft.Extensions.Options;
 using Microsoft.IdentityModel.Tokens;
+using OpenIddict.Abstractions;
 
 namespace OpenIddict.Server.Internal
 {
@@ -135,18 +135,18 @@ namespace OpenIddict.Server.Internal
 
             // Ensure the authorization endpoint has been enabled when
             // the authorization code or implicit grants are supported.
-            if (!options.AuthorizationEndpointPath.HasValue && (options.GrantTypes.Contains(OpenIdConnectConstants.GrantTypes.AuthorizationCode) ||
+            if (!options.AuthorizationEndpointPath.HasValue && (options.GrantTypes.Contains(OpenIddictConstants.GrantTypes.AuthorizationCode) ||
-                                                                options.GrantTypes.Contains(OpenIdConnectConstants.GrantTypes.Implicit)))
+                                                                options.GrantTypes.Contains(OpenIddictConstants.GrantTypes.Implicit)))
             {
                 throw new InvalidOperationException("The authorization endpoint must be enabled to use the authorization code and implicit flows.");
             }
 
             // Ensure the token endpoint has been enabled when the authorization code,
             // client credentials, password or refresh token grants are supported.
-            if (!options.TokenEndpointPath.HasValue && (options.GrantTypes.Contains(OpenIdConnectConstants.GrantTypes.AuthorizationCode) ||
+            if (!options.TokenEndpointPath.HasValue && (options.GrantTypes.Contains(OpenIddictConstants.GrantTypes.AuthorizationCode) ||
-                                                        options.GrantTypes.Contains(OpenIdConnectConstants.GrantTypes.ClientCredentials) ||
+                                                        options.GrantTypes.Contains(OpenIddictConstants.GrantTypes.ClientCredentials) ||
-                                                        options.GrantTypes.Contains(OpenIdConnectConstants.GrantTypes.Password) ||
+                                                        options.GrantTypes.Contains(OpenIddictConstants.GrantTypes.Password) ||
-                                                        options.GrantTypes.Contains(OpenIdConnectConstants.GrantTypes.RefreshToken)))
+                                                        options.GrantTypes.Contains(OpenIddictConstants.GrantTypes.RefreshToken)))
             {
                 throw new InvalidOperationException(
                     "The token endpoint must be enabled to use the authorization code, client credentials, password and refresh token flows.");
@@ -190,7 +190,7 @@ namespace OpenIddict.Server.Internal
 
             // Ensure at least one asymmetric signing certificate/key was registered if the implicit flow was enabled.
             if (!options.SigningCredentials.Any(credentials => credentials.Key is AsymmetricSecurityKey) &&
-                 options.GrantTypes.Contains(OpenIdConnectConstants.GrantTypes.Implicit))
+                 options.GrantTypes.Contains(OpenIddictConstants.GrantTypes.Implicit))
             {
                 throw new InvalidOperationException(new StringBuilder()
                     .AppendLine("At least one asymmetric signing key must be registered when enabling the implicit flow.")
@@ -201,9 +201,9 @@ namespace OpenIddict.Server.Internal
             }
 
             // Automatically add the offline_access scope if the refresh token grant has been enabled.
-            if (options.GrantTypes.Contains(OpenIdConnectConstants.GrantTypes.RefreshToken))
+            if (options.GrantTypes.Contains(OpenIddictConstants.GrantTypes.RefreshToken))
             {
-                options.Scopes.Add(OpenIdConnectConstants.Scopes.OfflineAccess);
+                options.Scopes.Add(OpenIddictConstants.Scopes.OfflineAccess);
             }
         }
     }

src/OpenIddict.Server/Internal/OpenIddictServerProvider.Authentication.cs

@@ -42,7 +42,7 @@ namespace OpenIddict.Server.Internal
                                  "an unsupported parameter: {Parameter}.", "request");
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.RequestNotSupported,
+                    error: OpenIddictConstants.Errors.RequestNotSupported,
                     description: "The 'request' parameter is not supported.");
 
                 return;
@@ -55,7 +55,7 @@ namespace OpenIddict.Server.Internal
                                  "an unsupported parameter: {Parameter}.", "request_uri");
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.RequestUriNotSupported,
+                    error: OpenIddictConstants.Errors.RequestUriNotSupported,
                     description: "The 'request_uri' parameter is not supported.");
 
                 return;
@@ -72,7 +72,7 @@ namespace OpenIddict.Server.Internal
                                      "request caching support was not enabled.");
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidRequest,
+                        error: OpenIddictConstants.Errors.InvalidRequest,
                         description: "The 'request_id' parameter is not supported.");
 
                     return;
@@ -89,7 +89,7 @@ namespace OpenIddict.Server.Internal
                                      "or invalid request_id parameter was specified.");
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidRequest,
+                        error: OpenIddictConstants.Errors.InvalidRequest,
                         description: "The specified 'request_id' parameter is invalid.");
 
                     return;
@@ -126,7 +126,7 @@ namespace OpenIddict.Server.Internal
                                  "response type is not supported.", context.Request.ResponseType);
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.UnsupportedResponseType,
+                    error: OpenIddictConstants.Errors.UnsupportedResponseType,
                     description: "The specified 'response_type' parameter is not supported.");
 
                 return;
@@ -134,50 +134,50 @@ namespace OpenIddict.Server.Internal
 
             // Reject code flow authorization requests if the authorization code flow is not enabled.
             if (context.Request.IsAuthorizationCodeFlow() &&
-               !options.GrantTypes.Contains(OpenIdConnectConstants.GrantTypes.AuthorizationCode))
+               !options.GrantTypes.Contains(OpenIddictConstants.GrantTypes.AuthorizationCode))
             {
                 _logger.LogError("The authorization request was rejected because " +
                                  "the authorization code flow was not enabled.");
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.UnsupportedResponseType,
+                    error: OpenIddictConstants.Errors.UnsupportedResponseType,
                     description: "The specified 'response_type' parameter is not allowed.");
 
                 return;
             }
 
             // Reject implicit flow authorization requests if the implicit flow is not enabled.
-            if (context.Request.IsImplicitFlow() && !options.GrantTypes.Contains(OpenIdConnectConstants.GrantTypes.Implicit))
+            if (context.Request.IsImplicitFlow() && !options.GrantTypes.Contains(OpenIddictConstants.GrantTypes.Implicit))
             {
                 _logger.LogError("The authorization request was rejected because the implicit flow was not enabled.");
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.UnsupportedResponseType,
+                    error: OpenIddictConstants.Errors.UnsupportedResponseType,
                     description: "The specified 'response_type' parameter is not allowed.");
 
                 return;
             }
 
             // Reject hybrid flow authorization requests if the authorization code or the implicit flows are not enabled.
-            if (context.Request.IsHybridFlow() && (!options.GrantTypes.Contains(OpenIdConnectConstants.GrantTypes.AuthorizationCode) ||
+            if (context.Request.IsHybridFlow() && (!options.GrantTypes.Contains(OpenIddictConstants.GrantTypes.AuthorizationCode) ||
-                                                   !options.GrantTypes.Contains(OpenIdConnectConstants.GrantTypes.Implicit)))
+                                                   !options.GrantTypes.Contains(OpenIddictConstants.GrantTypes.Implicit)))
             {
                 _logger.LogError("The authorization request was rejected because the " +
                                  "authorization code flow or the implicit flow was not enabled.");
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.UnsupportedResponseType,
+                    error: OpenIddictConstants.Errors.UnsupportedResponseType,
                     description: "The specified 'response_type' parameter is not allowed.");
 
                 return;
             }
 
             // Reject authorization requests that specify scope=offline_access if the refresh token flow is not enabled.
-            if (context.Request.HasScope(OpenIdConnectConstants.Scopes.OfflineAccess) &&
+            if (context.Request.HasScope(OpenIddictConstants.Scopes.OfflineAccess) &&
-               !options.GrantTypes.Contains(OpenIdConnectConstants.GrantTypes.RefreshToken))
+               !options.GrantTypes.Contains(OpenIddictConstants.GrantTypes.RefreshToken))
             {
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidRequest,
+                    error: OpenIddictConstants.Errors.InvalidRequest,
                     description: "The 'offline_access' scope is not allowed.");
 
                 return;
@@ -204,7 +204,7 @@ namespace OpenIddict.Server.Internal
                     _logger.LogError("The authentication request was rejected because invalid scopes were specified: {Scopes}.", scopes);
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidScope,
+                        error: OpenIddictConstants.Errors.InvalidScope,
                         description: "The specified 'scope' parameter is not valid.");
 
                     return;
@@ -222,7 +222,7 @@ namespace OpenIddict.Server.Internal
                                  "response mode is not supported.", context.Request.ResponseMode);
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidRequest,
+                    error: OpenIddictConstants.Errors.InvalidRequest,
                     description: "The specified 'response_mode' parameter is not supported.");
 
                 return;
@@ -235,7 +235,7 @@ namespace OpenIddict.Server.Internal
             if (string.IsNullOrEmpty(context.RedirectUri))
             {
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidRequest,
+                    error: OpenIddictConstants.Errors.InvalidRequest,
                     description: "The mandatory 'redirect_uri' parameter is missing.");
 
                 return;
@@ -253,7 +253,7 @@ namespace OpenIddict.Server.Internal
                                      "required 'code_challenge_method' parameter was missing.");
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidRequest,
+                        error: OpenIddictConstants.Errors.InvalidRequest,
                         description: "The 'code_challenge_method' parameter must be specified.");
 
                     return;
@@ -267,20 +267,20 @@ namespace OpenIddict.Server.Internal
                                      "'code_challenge_method' parameter was set to 'plain'.");
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidRequest,
+                        error: OpenIddictConstants.Errors.InvalidRequest,
                         description: "The specified 'code_challenge_method' parameter is not allowed.");
 
                     return;
                 }
 
                 // Reject authorization requests that contain response_type=token when a code_challenge is specified.
-                if (context.Request.HasResponseType(OpenIdConnectConstants.ResponseTypes.Token))
+                if (context.Request.HasResponseType(OpenIddictConstants.ResponseTypes.Token))
                 {
                     _logger.LogError("The authorization request was rejected because the " +
                                      "specified response type was not compatible with PKCE.");
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidRequest,
+                        error: OpenIddictConstants.Errors.InvalidRequest,
                         description: "The specified 'response_type' parameter is not allowed when using PKCE.");
 
                     return;
@@ -295,7 +295,7 @@ namespace OpenIddict.Server.Internal
                                  "application was not found: '{ClientId}'.", context.ClientId);
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidRequest,
+                    error: OpenIddictConstants.Errors.InvalidRequest,
                     description: "The specified 'client_id' parameter is invalid.");
 
                 return;
@@ -310,10 +310,10 @@ namespace OpenIddict.Server.Internal
             // Note: when using the authorization code grant, ValidateTokenRequest is responsible of rejecting
             // the token request if the client_id corresponds to an unauthenticated confidential client.
             if (await _applicationManager.IsConfidentialAsync(application) &&
-                context.Request.HasResponseType(OpenIdConnectConstants.ResponseTypes.Token))
+                context.Request.HasResponseType(OpenIddictConstants.ResponseTypes.Token))
             {
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.UnauthorizedClient,
+                    error: OpenIddictConstants.Errors.UnauthorizedClient,
                     description: "The specified 'response_type' parameter is not valid for this client application.");
 
                 return;
@@ -327,7 +327,7 @@ namespace OpenIddict.Server.Internal
                                  "was not allowed to use the authorization endpoint.", context.ClientId);
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.UnauthorizedClient,
+                    error: OpenIddictConstants.Errors.UnauthorizedClient,
                     description: "This client application is not allowed to use the authorization endpoint.");
 
                 return;
@@ -343,7 +343,7 @@ namespace OpenIddict.Server.Internal
                                      "was not allowed to use the authorization code flow.", context.ClientId);
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.UnauthorizedClient,
+                        error: OpenIddictConstants.Errors.UnauthorizedClient,
                         description: "The client application is not allowed to use the authorization code flow.");
 
                     return;
@@ -357,7 +357,7 @@ namespace OpenIddict.Server.Internal
                                      "was not allowed to use the implicit flow.", context.ClientId);
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.UnauthorizedClient,
+                        error: OpenIddictConstants.Errors.UnauthorizedClient,
                         description: "The client application is not allowed to use the implicit flow.");
 
                     return;
@@ -372,7 +372,7 @@ namespace OpenIddict.Server.Internal
                                      "was not allowed to use the hybrid flow.", context.ClientId);
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.UnauthorizedClient,
+                        error: OpenIddictConstants.Errors.UnauthorizedClient,
                         description: "The client application is not allowed to use the hybrid flow.");
 
                     return;
@@ -380,14 +380,14 @@ namespace OpenIddict.Server.Internal
 
                 // Reject the request if the offline_access scope was request and if
                 // the application is not allowed to use the refresh token grant type.
-                if (context.Request.HasScope(OpenIdConnectConstants.Scopes.OfflineAccess) &&
+                if (context.Request.HasScope(OpenIddictConstants.Scopes.OfflineAccess) &&
                    !await _applicationManager.HasPermissionAsync(application, OpenIddictConstants.Permissions.GrantTypes.RefreshToken))
                 {
                     _logger.LogError("The authorization request was rejected because the application '{ClientId}' " +
                                      "was not allowed to request the 'offline_access' scope.", context.ClientId);
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidRequest,
+                        error: OpenIddictConstants.Errors.InvalidRequest,
                         description: "The client application is not allowed to use the 'offline_access' scope.");
 
                     return;
@@ -401,7 +401,7 @@ namespace OpenIddict.Server.Internal
                                  "was invalid: '{RedirectUri}'.", context.RedirectUri);
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidRequest,
+                    error: OpenIddictConstants.Errors.InvalidRequest,
                     description: "The specified 'redirect_uri' parameter is not valid for this client application.");
 
                 return;
@@ -414,8 +414,8 @@ namespace OpenIddict.Server.Internal
                 foreach (var scope in context.Request.GetScopes())
                 {
                     // Avoid validating the "openid" and "offline_access" scopes as they represent protocol scopes.
-                    if (string.Equals(scope, OpenIdConnectConstants.Scopes.OfflineAccess, StringComparison.Ordinal) ||
+                    if (string.Equals(scope, OpenIddictConstants.Scopes.OfflineAccess, StringComparison.Ordinal) ||
-                        string.Equals(scope, OpenIdConnectConstants.Scopes.OpenId, StringComparison.Ordinal))
+                        string.Equals(scope, OpenIddictConstants.Scopes.OpenId, StringComparison.Ordinal))
                     {
                         continue;
                     }
@@ -427,7 +427,7 @@ namespace OpenIddict.Server.Internal
                                          "was not allowed to use the scope {Scope}.", context.ClientId, scope);
 
                         context.Reject(
-                            error: OpenIdConnectConstants.Errors.InvalidRequest,
+                            error: OpenIddictConstants.Errors.InvalidRequest,
                             description: "This client application is not allowed to use the specified scope.");
 
                         return;
@@ -474,7 +474,7 @@ namespace OpenIddict.Server.Internal
                 var address = QueryHelpers.AddQueryString(
                     uri: context.HttpContext.Request.Scheme + "://" + context.HttpContext.Request.Host +
                          context.HttpContext.Request.PathBase + context.HttpContext.Request.Path,
-                    name: OpenIdConnectConstants.Parameters.RequestId, value: context.Request.RequestId);
+                    name: OpenIddictConstants.Parameters.RequestId, value: context.Request.RequestId);
 
                 context.HttpContext.Response.Redirect(address);
 

src/OpenIddict.Server/Internal/OpenIddictServerProvider.Exchange.cs

@@ -39,18 +39,18 @@ namespace OpenIddict.Server.Internal
                                  "grant type is not supported.", context.Request.GrantType);
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.UnsupportedGrantType,
+                    error: OpenIddictConstants.Errors.UnsupportedGrantType,
                     description: "The specified 'grant_type' parameter is not supported.");
 
                 return;
             }
 
             // Reject token requests that specify scope=offline_access if the refresh token flow is not enabled.
-            if (context.Request.HasScope(OpenIdConnectConstants.Scopes.OfflineAccess) &&
+            if (context.Request.HasScope(OpenIddictConstants.Scopes.OfflineAccess) &&
-               !options.GrantTypes.Contains(OpenIdConnectConstants.GrantTypes.RefreshToken))
+               !options.GrantTypes.Contains(OpenIddictConstants.GrantTypes.RefreshToken))
             {
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidRequest,
+                    error: OpenIddictConstants.Errors.InvalidRequest,
                     description: "The 'offline_access' scope is not allowed.");
 
                 return;
@@ -64,7 +64,7 @@ namespace OpenIddict.Server.Internal
             if (context.Request.IsAuthorizationCodeGrantType() && string.IsNullOrEmpty(context.Request.RedirectUri))
             {
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidRequest,
+                    error: OpenIddictConstants.Errors.InvalidRequest,
                     description: "The mandatory 'redirect_uri' parameter is missing.");
 
                 return;
@@ -76,10 +76,10 @@ namespace OpenIddict.Server.Internal
             // that rejects grant_type=client_credentials requests containing the 'offline_access' scope.
             // See https://tools.ietf.org/html/rfc6749#section-4.4.3 for more information.
             if (context.Request.IsClientCredentialsGrantType() &&
-                context.Request.HasScope(OpenIdConnectConstants.Scopes.OfflineAccess))
+                context.Request.HasScope(OpenIddictConstants.Scopes.OfflineAccess))
             {
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidRequest,
+                    error: OpenIddictConstants.Errors.InvalidRequest,
                     description: "The 'offline_access' scope is not valid for the specified 'grant_type' parameter.");
 
                 return;
@@ -106,7 +106,7 @@ namespace OpenIddict.Server.Internal
                     _logger.LogError("The token request was rejected because invalid scopes were specified: {Scopes}.", scopes);
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidScope,
+                        error: OpenIddictConstants.Errors.InvalidScope,
                         description: "The specified 'scope' parameter is not valid.");
 
                     return;
@@ -120,7 +120,7 @@ namespace OpenIddict.Server.Internal
                                                                    string.IsNullOrEmpty(context.Request.ClientSecret)))
             {
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidRequest,
+                    error: OpenIddictConstants.Errors.InvalidRequest,
                     description: "The 'client_id' and 'client_secret' parameters are " +
                                  "required when using the client credentials grant.");
 
@@ -141,7 +141,7 @@ namespace OpenIddict.Server.Internal
                                      "mandatory client_id parameter was missing or empty.");
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidRequest,
+                        error: OpenIddictConstants.Errors.InvalidRequest,
                         description: "The mandatory 'client_id' parameter is missing.");
 
                     return;
@@ -163,7 +163,7 @@ namespace OpenIddict.Server.Internal
                                  "application was not found: '{ClientId}'.", context.ClientId);
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidClient,
+                    error: OpenIddictConstants.Errors.InvalidClient,
                     description: "The specified 'client_id' parameter is invalid.");
 
                 return;
@@ -181,7 +181,7 @@ namespace OpenIddict.Server.Internal
                                  "was not allowed to use the token endpoint.", context.ClientId);
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.UnauthorizedClient,
+                    error: OpenIddictConstants.Errors.UnauthorizedClient,
                     description: "This client application is not allowed to use the token endpoint.");
 
                 return;
@@ -197,7 +197,7 @@ namespace OpenIddict.Server.Internal
                                      "use the specified grant type: {GrantType}.", context.ClientId, context.Request.GrantType);
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.UnauthorizedClient,
+                        error: OpenIddictConstants.Errors.UnauthorizedClient,
                         description: "This client application is not allowed to use the specified grant type.");
 
                     return;
@@ -205,14 +205,14 @@ namespace OpenIddict.Server.Internal
 
                 // Reject the request if the offline_access scope was request and if
                 // the application is not allowed to use the refresh token grant type.
-                if (context.Request.HasScope(OpenIdConnectConstants.Scopes.OfflineAccess) &&
+                if (context.Request.HasScope(OpenIddictConstants.Scopes.OfflineAccess) &&
                    !await _applicationManager.HasPermissionAsync(application, OpenIddictConstants.Permissions.GrantTypes.RefreshToken))
                 {
                     _logger.LogError("The token request was rejected because the application '{ClientId}' " +
                                      "was not allowed to request the 'offline_access' scope.", context.ClientId);
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidRequest,
+                        error: OpenIddictConstants.Errors.InvalidRequest,
                         description: "The client application is not allowed to use the 'offline_access' scope.");
 
                     return;
@@ -228,7 +228,7 @@ namespace OpenIddict.Server.Internal
                                      "was not allowed to use the client credentials grant.", context.Request.ClientId);
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.UnauthorizedClient,
+                        error: OpenIddictConstants.Errors.UnauthorizedClient,
                         description: "The specified 'grant_type' parameter is not valid for this client application.");
 
                     return;
@@ -241,7 +241,7 @@ namespace OpenIddict.Server.Internal
                                      "was not allowed to send a client secret.", context.ClientId);
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidRequest,
+                        error: OpenIddictConstants.Errors.InvalidRequest,
                         description: "The 'client_secret' parameter is not valid for this client application.");
 
                     return;
@@ -265,7 +265,7 @@ namespace OpenIddict.Server.Internal
                                  "'{ClientId}' didn't specify a client secret.", context.ClientId);
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidClient,
+                    error: OpenIddictConstants.Errors.InvalidClient,
                     description: "The 'client_secret' parameter required for this client application is missing.");
 
                 return;
@@ -277,7 +277,7 @@ namespace OpenIddict.Server.Internal
                                  "'{ClientId}' didn't specify valid client credentials.", context.ClientId);
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidClient,
+                    error: OpenIddictConstants.Errors.InvalidClient,
                     description: "The specified client credentials are invalid.");
 
                 return;
@@ -290,8 +290,8 @@ namespace OpenIddict.Server.Internal
                 foreach (var scope in context.Request.GetScopes())
                 {
                     // Avoid validating the "openid" and "offline_access" scopes as they represent protocol scopes.
-                    if (string.Equals(scope, OpenIdConnectConstants.Scopes.OfflineAccess, StringComparison.Ordinal) ||
+                    if (string.Equals(scope, OpenIddictConstants.Scopes.OfflineAccess, StringComparison.Ordinal) ||
-                        string.Equals(scope, OpenIdConnectConstants.Scopes.OpenId, StringComparison.Ordinal))
+                        string.Equals(scope, OpenIddictConstants.Scopes.OpenId, StringComparison.Ordinal))
                     {
                         continue;
                     }
@@ -304,7 +304,7 @@ namespace OpenIddict.Server.Internal
                                          "was not allowed to use the scope {Scope}.", context.ClientId, scope);
 
                         context.Reject(
-                            error: OpenIdConnectConstants.Errors.InvalidRequest,
+                            error: OpenIddictConstants.Errors.InvalidRequest,
                             description: "This client application is not allowed to use the specified scope.");
 
                         return;
@@ -373,7 +373,7 @@ namespace OpenIddict.Server.Internal
                                      "or refresh token '{Identifier}' has already been redeemed.", identifier);
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidGrant,
+                        error: OpenIddictConstants.Errors.InvalidGrant,
                         description: context.Request.IsAuthorizationCodeGrantType() ?
                             "The specified authorization code has already been redeemed." :
                             "The specified refresh token has already been redeemed.");
@@ -387,7 +387,7 @@ namespace OpenIddict.Server.Internal
                                      "or refresh token '{Identifier}' was no longer valid.", identifier);
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidGrant,
+                        error: OpenIddictConstants.Errors.InvalidGrant,
                         description: context.Request.IsAuthorizationCodeGrantType() ?
                             "The specified authorization code is no longer valid." :
                             "The specified refresh token is no longer valid.");
@@ -411,7 +411,7 @@ namespace OpenIddict.Server.Internal
                                          "the associated authorization was no longer valid.");
 
                         context.Reject(
-                            error: OpenIdConnectConstants.Errors.InvalidGrant,
+                            error: OpenIddictConstants.Errors.InvalidGrant,
                             description: context.Request.IsAuthorizationCodeGrantType() ?
                                 "The authorization associated with the authorization code is no longer valid." :
                                 "The authorization associated with the refresh token is no longer valid.");

src/OpenIddict.Server/Internal/OpenIddictServerProvider.Helpers.cs

@@ -35,7 +35,7 @@ namespace OpenIddict.Server.Internal
             {
                 Principal = ticket.Principal,
                 Status = OpenIddictConstants.Statuses.Valid,
-                Subject = ticket.Principal.GetClaim(OpenIdConnectConstants.Claims.Subject),
+                Subject = ticket.Principal.GetClaim(OpenIddictConstants.Claims.Subject),
                 Type = OpenIddictConstants.AuthorizationTypes.AdHoc
             };
 
@@ -120,7 +120,7 @@ namespace OpenIddict.Server.Internal
                 ExpirationDate = ticket.Properties.ExpiresUtc,
                 Principal = ticket.Principal,
                 Status = OpenIddictConstants.Statuses.Valid,
-                Subject = ticket.Principal.GetClaim(OpenIdConnectConstants.Claims.Subject),
+                Subject = ticket.Principal.GetClaim(OpenIddictConstants.Claims.Subject),
                 Type = type
             };
 

src/OpenIddict.Server/Internal/OpenIddictServerProvider.Introspection.cs

@@ -36,7 +36,7 @@ namespace OpenIddict.Server.Internal
             if (string.IsNullOrEmpty(context.ClientId) || string.IsNullOrEmpty(context.ClientSecret))
             {
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidRequest,
+                    error: OpenIddictConstants.Errors.InvalidRequest,
                     description: "The mandatory 'client_id' and/or 'client_secret' parameters are missing.");
 
                 return;
@@ -50,7 +50,7 @@ namespace OpenIddict.Server.Internal
                                  "application was not found: '{ClientId}'.", context.ClientId);
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidClient,
+                    error: OpenIddictConstants.Errors.InvalidClient,
                     description: "The specified 'client_id' parameter is invalid.");
 
                 return;
@@ -68,7 +68,7 @@ namespace OpenIddict.Server.Internal
                                  "was not allowed to use the introspection endpoint.", context.ClientId);
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.UnauthorizedClient,
+                    error: OpenIddictConstants.Errors.UnauthorizedClient,
                     description: "This client application is not allowed to use the introspection endpoint.");
 
                 return;
@@ -81,7 +81,7 @@ namespace OpenIddict.Server.Internal
                                  "'{ClientId}' was not allowed to use this endpoint.", context.ClientId);
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidClient,
+                    error: OpenIddictConstants.Errors.InvalidClient,
                     description: "This client application is not allowed to use the introspection endpoint.");
 
                 return;
@@ -94,7 +94,7 @@ namespace OpenIddict.Server.Internal
                                  "'{ClientId}' didn't specify valid client credentials.", context.ClientId);
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidClient,
+                    error: OpenIddictConstants.Errors.InvalidClient,
                     description: "The specified client credentials are invalid.");
 
                 return;

src/OpenIddict.Server/Internal/OpenIddictServerProvider.Revocation.cs

@@ -38,7 +38,7 @@ namespace OpenIddict.Server.Internal
                 if (string.Equals(context.Request.TokenTypeHint, OpenIdConnectConstants.TokenTypeHints.IdToken))
                 {
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.UnsupportedTokenType,
+                        error: OpenIddictConstants.Errors.UnsupportedTokenType,
                         description: "The specified 'token_type_hint' parameter is not supported.");
 
                     return;
@@ -48,7 +48,7 @@ namespace OpenIddict.Server.Internal
                     string.Equals(context.Request.TokenTypeHint, OpenIdConnectConstants.TokenTypeHints.AccessToken))
                 {
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.UnsupportedTokenType,
+                        error: OpenIddictConstants.Errors.UnsupportedTokenType,
                         description: "The specified 'token_type_hint' parameter is not supported.");
 
                     return;
@@ -69,7 +69,7 @@ namespace OpenIddict.Server.Internal
                                      "mandatory client_id parameter was missing or empty.");
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidRequest,
+                        error: OpenIddictConstants.Errors.InvalidRequest,
                         description: "The mandatory 'client_id' parameter is missing.");
 
                     return;
@@ -91,7 +91,7 @@ namespace OpenIddict.Server.Internal
                                  "application was not found: '{ClientId}'.", context.ClientId);
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidClient,
+                    error: OpenIddictConstants.Errors.InvalidClient,
                     description: "The specified 'client_id' parameter is invalid.");
 
                 return;
@@ -109,7 +109,7 @@ namespace OpenIddict.Server.Internal
                                  "was not allowed to use the revocation endpoint.", context.ClientId);
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.UnauthorizedClient,
+                    error: OpenIddictConstants.Errors.UnauthorizedClient,
                     description: "This client application is not allowed to use the revocation endpoint.");
 
                 return;
@@ -124,7 +124,7 @@ namespace OpenIddict.Server.Internal
                                      "'{ClientId}' was not allowed to use this endpoint.", context.ClientId);
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidRequest,
+                        error: OpenIddictConstants.Errors.InvalidRequest,
                         description: "The 'client_secret' parameter is not valid for this client application.");
 
                     return;
@@ -148,7 +148,7 @@ namespace OpenIddict.Server.Internal
                                  "'{ClientId}' didn't specify a client secret.", context.ClientId);
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidClient,
+                    error: OpenIddictConstants.Errors.InvalidClient,
                     description: "The 'client_secret' parameter required for this client application is missing.");
 
                 return;
@@ -160,7 +160,7 @@ namespace OpenIddict.Server.Internal
                                  "'{ClientId}' didn't specify valid client credentials.", context.ClientId);
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.InvalidClient,
+                    error: OpenIddictConstants.Errors.InvalidClient,
                     description: "The specified client credentials are invalid.");
 
                 return;
@@ -184,7 +184,7 @@ namespace OpenIddict.Server.Internal
                 _logger.LogError("The revocation request was rejected because identity tokens are not revocable.");
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.UnsupportedTokenType,
+                    error: OpenIddictConstants.Errors.UnsupportedTokenType,
                     description: "The specified token cannot be revoked.");
 
                 return;
@@ -196,7 +196,7 @@ namespace OpenIddict.Server.Internal
                 _logger.LogError("The revocation request was rejected because the access token was not revocable.");
 
                 context.Reject(
-                    error: OpenIdConnectConstants.Errors.UnsupportedTokenType,
+                    error: OpenIddictConstants.Errors.UnsupportedTokenType,
                     description: "The specified token cannot be revoked.");
 
                 return;

src/OpenIddict.Server/Internal/OpenIddictServerProvider.Session.cs

@@ -42,7 +42,7 @@ namespace OpenIddict.Server.Internal
                     _logger.LogError("The logout request was rejected because request caching support was not enabled.");
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidRequest,
+                        error: OpenIddictConstants.Errors.InvalidRequest,
                         description: "The 'request_id' parameter is not supported.");
 
                     return;
@@ -59,7 +59,7 @@ namespace OpenIddict.Server.Internal
                                      "or invalid request_id parameter was specified.");
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidRequest,
+                        error: OpenIddictConstants.Errors.InvalidRequest,
                         description: "The specified 'request_id' parameter is invalid.");
 
                     return;
@@ -97,7 +97,7 @@ namespace OpenIddict.Server.Internal
                                      "a valid absolute URL: {PostLogoutRedirectUri}.", context.PostLogoutRedirectUri);
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidRequest,
+                        error: OpenIddictConstants.Errors.InvalidRequest,
                         description: "The 'post_logout_redirect_uri' parameter must be a valid absolute URL.");
 
                     return;
@@ -109,7 +109,7 @@ namespace OpenIddict.Server.Internal
                                      "a URL fragment: {PostLogoutRedirectUri}.", context.PostLogoutRedirectUri);
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidRequest,
+                        error: OpenIddictConstants.Errors.InvalidRequest,
                         description: "The 'post_logout_redirect_uri' parameter must not include a fragment.");
 
                     return;
@@ -146,7 +146,7 @@ namespace OpenIddict.Server.Internal
                                      "was unknown: {PostLogoutRedirectUri}.", context.PostLogoutRedirectUri);
 
                     context.Reject(
-                        error: OpenIdConnectConstants.Errors.InvalidRequest,
+                        error: OpenIddictConstants.Errors.InvalidRequest,
                         description: "The specified 'post_logout_redirect_uri' parameter is not valid.");
 
                     return;
@@ -192,7 +192,7 @@ namespace OpenIddict.Server.Internal
                 var address = QueryHelpers.AddQueryString(
                     uri: context.HttpContext.Request.Scheme + "://" + context.HttpContext.Request.Host +
                          context.HttpContext.Request.PathBase + context.HttpContext.Request.Path,
-                    name: OpenIdConnectConstants.Parameters.RequestId, value: context.Request.RequestId);
+                    name: OpenIddictConstants.Parameters.RequestId, value: context.Request.RequestId);
 
                 context.HttpContext.Response.Redirect(address);
 

src/OpenIddict.Server/Internal/OpenIddictServerProvider.cs

@@ -127,15 +127,15 @@ namespace OpenIddict.Server.Internal
                     // Always include the "openid" scope when the developer doesn't explicitly call SetScopes.
                     // Note: the application is allowed to specify a different "scopes": in this case,
                     // don't replace the "scopes" property stored in the authentication ticket.
-                    if (context.Request.HasScope(OpenIdConnectConstants.Scopes.OpenId) && !context.Ticket.HasScope())
+                    if (context.Request.HasScope(OpenIddictConstants.Scopes.OpenId) && !context.Ticket.HasScope())
                     {
-                        context.Ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId);
+                        context.Ticket.SetScopes(OpenIddictConstants.Scopes.OpenId);
                     }
 
-                    context.IncludeIdentityToken = context.Ticket.HasScope(OpenIdConnectConstants.Scopes.OpenId);
+                    context.IncludeIdentityToken = context.Ticket.HasScope(OpenIddictConstants.Scopes.OpenId);
                 }
 
-                context.IncludeRefreshToken = context.Ticket.HasScope(OpenIdConnectConstants.Scopes.OfflineAccess);
+                context.IncludeRefreshToken = context.Ticket.HasScope(OpenIddictConstants.Scopes.OfflineAccess);
 
                 // Always include a refresh token for grant_type=refresh_token requests if
                 // rolling tokens are enabled and if the offline_access scope was specified.
@@ -160,7 +160,7 @@ namespace OpenIddict.Server.Internal
                         if (!await TryRedeemTokenAsync(token))
                         {
                             context.Reject(
-                                error: OpenIdConnectConstants.Errors.InvalidGrant,
+                                error: OpenIddictConstants.Errors.InvalidGrant,
                                 description: context.Request.IsAuthorizationCodeGrantType() ?
                                     "The specified authorization code is no longer valid." :
                                     "The specified refresh token is no longer valid.");

src/OpenIddict.Server/OpenIddictServerBuilder.cs

@@ -13,12 +13,12 @@ using System.Linq;
 using System.Reflection;
 using System.Security.Cryptography.X509Certificates;
 using System.Threading.Tasks;
-using AspNet.Security.OpenIdConnect.Primitives;
 using JetBrains.Annotations;
 using Microsoft.AspNetCore.DataProtection;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Caching.Distributed;
 using Microsoft.IdentityModel.Tokens;
+using OpenIddict.Abstractions;
 using OpenIddict.Extensions;
 using OpenIddict.Server;
 
@@ -399,7 +399,7 @@ namespace Microsoft.Extensions.DependencyInjection
         /// </summary>
         /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
         public OpenIddictServerBuilder AllowAuthorizationCodeFlow()
-            => Configure(options => options.GrantTypes.Add(OpenIdConnectConstants.GrantTypes.AuthorizationCode));
+            => Configure(options => options.GrantTypes.Add(OpenIddictConstants.GrantTypes.AuthorizationCode));
 
         /// <summary>
         /// Enables client credentials flow support. For more information about this
@@ -407,7 +407,7 @@ namespace Microsoft.Extensions.DependencyInjection
         /// </summary>
         /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
         public OpenIddictServerBuilder AllowClientCredentialsFlow()
-            => Configure(options => options.GrantTypes.Add(OpenIdConnectConstants.GrantTypes.ClientCredentials));
+            => Configure(options => options.GrantTypes.Add(OpenIddictConstants.GrantTypes.ClientCredentials));
 
         /// <summary>
         /// Enables custom grant type support.
@@ -432,7 +432,7 @@ namespace Microsoft.Extensions.DependencyInjection
         /// </summary>
         /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
         public OpenIddictServerBuilder AllowImplicitFlow()
-            => Configure(options => options.GrantTypes.Add(OpenIdConnectConstants.GrantTypes.Implicit));
+            => Configure(options => options.GrantTypes.Add(OpenIddictConstants.GrantTypes.Implicit));
 
         /// <summary>
         /// Enables password flow support. For more information about this specific
@@ -440,7 +440,7 @@ namespace Microsoft.Extensions.DependencyInjection
         /// </summary>
         /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
         public OpenIddictServerBuilder AllowPasswordFlow()
-            => Configure(options => options.GrantTypes.Add(OpenIdConnectConstants.GrantTypes.Password));
+            => Configure(options => options.GrantTypes.Add(OpenIddictConstants.GrantTypes.Password));
 
         /// <summary>
         /// Enables refresh token flow support. For more information about this
@@ -448,7 +448,7 @@ namespace Microsoft.Extensions.DependencyInjection
         /// </summary>
         /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
         public OpenIddictServerBuilder AllowRefreshTokenFlow()
-            => Configure(options => options.GrantTypes.Add(OpenIdConnectConstants.GrantTypes.RefreshToken));
+            => Configure(options => options.GrantTypes.Add(OpenIddictConstants.GrantTypes.RefreshToken));
 
         /// <summary>
         /// Disables authorization storage so that ad-hoc authorizations are

src/OpenIddict.Server/OpenIddictServerOptions.cs

@@ -7,9 +7,9 @@
 using System;
 using System.Collections.Generic;
 using System.Security.Cryptography;
-using AspNet.Security.OpenIdConnect.Primitives;
 using AspNet.Security.OpenIdConnect.Server;
 using Microsoft.Extensions.Caching.Distributed;
+using OpenIddict.Abstractions;
 using OpenIddict.Server.Internal;
 
 namespace OpenIddict.Server
@@ -46,12 +46,12 @@ namespace OpenIddict.Server
         /// </summary>
         public ISet<string> Claims { get; } = new HashSet<string>(StringComparer.Ordinal)
         {
-            OpenIdConnectConstants.Claims.Audience,
+            OpenIddictConstants.Claims.Audience,
-            OpenIdConnectConstants.Claims.ExpiresAt,
+            OpenIddictConstants.Claims.ExpiresAt,
-            OpenIdConnectConstants.Claims.IssuedAt,
+            OpenIddictConstants.Claims.IssuedAt,
-            OpenIdConnectConstants.Claims.Issuer,
+            OpenIddictConstants.Claims.Issuer,
-            OpenIdConnectConstants.Claims.JwtId,
+            OpenIddictConstants.Claims.JwtId,
-            OpenIdConnectConstants.Claims.Subject
+            OpenIddictConstants.Claims.Subject
         };
 
         /// <summary>
@@ -128,7 +128,7 @@ namespace OpenIddict.Server
         /// </summary>
         public ISet<string> Scopes { get; } = new HashSet<string>(StringComparer.Ordinal)
         {
-            OpenIdConnectConstants.Scopes.OpenId
+            OpenIddictConstants.Scopes.OpenId
         };
 
         /// <summary>

test/OpenIddict.Server.Tests/Internal/OpenIddictServerInitializerTests.cs

@@ -8,7 +8,6 @@ using System;
 using System.Text;
 using System.Threading.Tasks;
 using AspNet.Security.OpenIdConnect.Client;
-using AspNet.Security.OpenIdConnect.Primitives;
 using AspNet.Security.OpenIdConnect.Server;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Builder;
@@ -17,6 +16,7 @@ using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.TestHost;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
+using OpenIddict.Abstractions;
 using Xunit;
 
 namespace OpenIddict.Server.Internal.Tests
@@ -115,8 +115,8 @@ namespace OpenIddict.Server.Internal.Tests
         }
 
         [Theory]
-        [InlineData(OpenIdConnectConstants.GrantTypes.AuthorizationCode)]
+        [InlineData(OpenIddictConstants.GrantTypes.AuthorizationCode)]
-        [InlineData(OpenIdConnectConstants.GrantTypes.Implicit)]
+        [InlineData(OpenIddictConstants.GrantTypes.Implicit)]
         public async Task PostConfigure_ThrowsAnExceptionWhenAuthorizationEndpointIsDisabled(string flow)
         {
             // Arrange
@@ -138,10 +138,10 @@ namespace OpenIddict.Server.Internal.Tests
         }
 
         [Theory]
-        [InlineData(OpenIdConnectConstants.GrantTypes.AuthorizationCode)]
+        [InlineData(OpenIddictConstants.GrantTypes.AuthorizationCode)]
-        [InlineData(OpenIdConnectConstants.GrantTypes.ClientCredentials)]
+        [InlineData(OpenIddictConstants.GrantTypes.ClientCredentials)]
-        [InlineData(OpenIdConnectConstants.GrantTypes.Password)]
+        [InlineData(OpenIddictConstants.GrantTypes.Password)]
-        [InlineData(OpenIdConnectConstants.GrantTypes.RefreshToken)]
+        [InlineData(OpenIddictConstants.GrantTypes.RefreshToken)]
         public async Task PostConfigure_ThrowsAnExceptionWhenTokenEndpointIsDisabled(string flow)
         {
             // Arrange

test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Authentication.cs

@@ -41,12 +41,12 @@ namespace OpenIddict.Server.Internal.Tests
                 Request = "eyJhbGciOiJub25lIn0.eyJpc3MiOiJodHRwOi8vd3d3LmZhYnJpa2FtLmNvbSIsImF1ZCI6Imh0" +
                           "dHA6Ly93d3cuY29udG9zby5jb20iLCJyZXNwb25zZV90eXBlIjoiY29kZSIsImNsaWVudF9pZCI6" +
                           "IkZhYnJpa2FtIiwicmVkaXJlY3RfdXJpIjoiaHR0cDovL3d3dy5mYWJyaWthbS5jb20vcGF0aCJ9.",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code,
+                ResponseType = OpenIddictConstants.ResponseTypes.Code,
-                Scope = OpenIdConnectConstants.Scopes.OpenId
+                Scope = OpenIddictConstants.Scopes.OpenId
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.RequestNotSupported, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.RequestNotSupported, response.Error);
             Assert.Equal("The 'request' parameter is not supported.", response.ErrorDescription);
         }
 
@@ -64,12 +64,12 @@ namespace OpenIddict.Server.Internal.Tests
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
                 RequestUri = "http://www.fabrikam.com/request/GkurKxf5T0Y-mnPFCHqWOMiZi4VS138cQO_V7PZHAdM",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code,
+                ResponseType = OpenIddictConstants.ResponseTypes.Code,
-                Scope = OpenIdConnectConstants.Scopes.OpenId
+                Scope = OpenIddictConstants.Scopes.OpenId
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.RequestUriNotSupported, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.RequestUriNotSupported, response.Error);
             Assert.Equal("The 'request_uri' parameter is not supported.", response.ErrorDescription);
         }
 
@@ -88,7 +88,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The 'request_id' parameter is not supported.", response.ErrorDescription);
         }
 
@@ -112,7 +112,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The specified 'request_id' parameter is invalid.", response.ErrorDescription);
         }
 
@@ -129,11 +129,11 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.None
+                ResponseType = OpenIddictConstants.ResponseTypes.None
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.UnsupportedResponseType, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.UnsupportedResponseType, response.Error);
             Assert.Equal("The specified 'response_type' parameter is not supported.", response.ErrorDescription);
         }
 
@@ -154,21 +154,21 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.UnsupportedResponseType, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.UnsupportedResponseType, response.Error);
             Assert.Equal("The specified 'response_type' parameter is not supported.", response.ErrorDescription);
         }
 
         [Theory]
-        [InlineData(OpenIdConnectConstants.GrantTypes.AuthorizationCode, "code")]
+        [InlineData(OpenIddictConstants.GrantTypes.AuthorizationCode, "code")]
-        [InlineData(OpenIdConnectConstants.GrantTypes.AuthorizationCode, "code id_token")]
+        [InlineData(OpenIddictConstants.GrantTypes.AuthorizationCode, "code id_token")]
-        [InlineData(OpenIdConnectConstants.GrantTypes.AuthorizationCode, "code id_token token")]
+        [InlineData(OpenIddictConstants.GrantTypes.AuthorizationCode, "code id_token token")]
-        [InlineData(OpenIdConnectConstants.GrantTypes.AuthorizationCode, "code token")]
+        [InlineData(OpenIddictConstants.GrantTypes.AuthorizationCode, "code token")]
-        [InlineData(OpenIdConnectConstants.GrantTypes.Implicit, "code id_token")]
+        [InlineData(OpenIddictConstants.GrantTypes.Implicit, "code id_token")]
-        [InlineData(OpenIdConnectConstants.GrantTypes.Implicit, "code id_token token")]
+        [InlineData(OpenIddictConstants.GrantTypes.Implicit, "code id_token token")]
-        [InlineData(OpenIdConnectConstants.GrantTypes.Implicit, "code token")]
+        [InlineData(OpenIddictConstants.GrantTypes.Implicit, "code token")]
-        [InlineData(OpenIdConnectConstants.GrantTypes.Implicit, "id_token")]
+        [InlineData(OpenIddictConstants.GrantTypes.Implicit, "id_token")]
-        [InlineData(OpenIdConnectConstants.GrantTypes.Implicit, "id_token token")]
+        [InlineData(OpenIddictConstants.GrantTypes.Implicit, "id_token token")]
-        [InlineData(OpenIdConnectConstants.GrantTypes.Implicit, "token")]
+        [InlineData(OpenIddictConstants.GrantTypes.Implicit, "token")]
         public async Task ValidateAuthorizationRequest_RequestIsRejectedWhenCorrespondingFlowIsDisabled(string flow, string type)
         {
             // Arrange
@@ -186,11 +186,11 @@ namespace OpenIddict.Server.Internal.Tests
                 Nonce = "n-0S6_WzA2Mj",
                 RedirectUri = "http://www.fabrikam.com/path",
                 ResponseType = type,
-                Scope = OpenIdConnectConstants.Scopes.OpenId
+                Scope = OpenIddictConstants.Scopes.OpenId
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.UnsupportedResponseType, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.UnsupportedResponseType, response.Error);
             Assert.Equal("The specified 'response_type' parameter is not allowed.", response.ErrorDescription);
         }
 
@@ -216,12 +216,12 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code,
+                ResponseType = OpenIddictConstants.ResponseTypes.Code,
                 Scope = "unregistered_scope"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidScope, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidScope, response.Error);
             Assert.Equal("The specified 'scope' parameter is not valid.", response.ErrorDescription);
         }
 
@@ -256,7 +256,7 @@ namespace OpenIddict.Server.Internal.Tests
                 ClientId = "Fabrikam",
                 Nonce = "n-0S6_WzA2Mj",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Token,
+                ResponseType = OpenIddictConstants.ResponseTypes.Token,
                 Scope = "registered_scope"
             });
 
@@ -313,7 +313,7 @@ namespace OpenIddict.Server.Internal.Tests
                 ClientId = "Fabrikam",
                 Nonce = "n-0S6_WzA2Mj",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Token,
+                ResponseType = OpenIddictConstants.ResponseTypes.Token,
                 Scope = "scope_registered_in_database scope_registered_in_options"
             });
 
@@ -330,7 +330,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Arrange
             var server = CreateAuthorizationServer(builder =>
             {
-                builder.Configure(options => options.GrantTypes.Remove(OpenIdConnectConstants.GrantTypes.RefreshToken));
+                builder.Configure(options => options.GrantTypes.Remove(OpenIddictConstants.GrantTypes.RefreshToken));
             });
 
             var client = new OpenIdConnectClient(server.CreateClient());
@@ -340,12 +340,12 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code,
+                ResponseType = OpenIddictConstants.ResponseTypes.Code,
-                Scope = OpenIdConnectConstants.Scopes.OfflineAccess
+                Scope = OpenIddictConstants.Scopes.OfflineAccess
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The 'offline_access' scope is not allowed.", response.ErrorDescription);
         }
 
@@ -363,11 +363,11 @@ namespace OpenIddict.Server.Internal.Tests
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
                 ResponseMode = "unknown_response_mode",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code
+                ResponseType = OpenIddictConstants.ResponseTypes.Code
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The specified 'response_mode' parameter is not supported.", response.ErrorDescription);
         }
 
@@ -384,11 +384,11 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = null,
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code
+                ResponseType = OpenIddictConstants.ResponseTypes.Code
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The mandatory 'redirect_uri' parameter is missing.", response.ErrorDescription);
         }
 
@@ -407,11 +407,11 @@ namespace OpenIddict.Server.Internal.Tests
                 CodeChallenge = "E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM",
                 CodeChallengeMethod = null,
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code
+                ResponseType = OpenIddictConstants.ResponseTypes.Code
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The 'code_challenge_method' parameter must be specified.", response.ErrorDescription);
         }
 
@@ -430,11 +430,11 @@ namespace OpenIddict.Server.Internal.Tests
                 CodeChallenge = "E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM",
                 CodeChallengeMethod = OpenIdConnectConstants.CodeChallengeMethods.Plain,
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code
+                ResponseType = OpenIddictConstants.ResponseTypes.Code
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The specified 'code_challenge_method' parameter is not allowed.", response.ErrorDescription);
         }
 
@@ -457,11 +457,11 @@ namespace OpenIddict.Server.Internal.Tests
                 Nonce = "n-0S6_WzA2Mj",
                 RedirectUri = "http://www.fabrikam.com/path",
                 ResponseType = type,
-                Scope = OpenIdConnectConstants.Scopes.OpenId
+                Scope = OpenIddictConstants.Scopes.OpenId
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The specified 'response_type' parameter is not allowed when using PKCE.", response.ErrorDescription);
         }
 
@@ -487,11 +487,11 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code
+                ResponseType = OpenIddictConstants.ResponseTypes.Code
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The specified 'client_id' parameter is invalid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -530,11 +530,11 @@ namespace OpenIddict.Server.Internal.Tests
                 Nonce = "n-0S6_WzA2Mj",
                 RedirectUri = "http://www.fabrikam.com/path",
                 ResponseType = type,
-                Scope = OpenIdConnectConstants.Scopes.OpenId
+                Scope = OpenIddictConstants.Scopes.OpenId
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.UnauthorizedClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.UnauthorizedClient, response.Error);
             Assert.Equal("The specified 'response_type' parameter is not valid for this client application.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -571,11 +571,11 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code
+                ResponseType = OpenIddictConstants.ResponseTypes.Code
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.UnauthorizedClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.UnauthorizedClient, response.Error);
             Assert.Equal("This client application is not allowed to use the authorization endpoint.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -646,11 +646,11 @@ namespace OpenIddict.Server.Internal.Tests
                 Nonce = "n-0S6_WzA2Mj",
                 RedirectUri = "http://www.fabrikam.com/path",
                 ResponseType = type,
-                Scope = OpenIdConnectConstants.Scopes.OpenId
+                Scope = OpenIddictConstants.Scopes.OpenId
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.UnauthorizedClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.UnauthorizedClient, response.Error);
             Assert.Equal(description, response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -691,12 +691,12 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code,
+                ResponseType = OpenIddictConstants.ResponseTypes.Code,
-                Scope = OpenIdConnectConstants.Scopes.OfflineAccess
+                Scope = OpenIddictConstants.Scopes.OfflineAccess
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The client application is not allowed to use the 'offline_access' scope.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.HasPermissionAsync(application,
@@ -730,11 +730,11 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code
+                ResponseType = OpenIddictConstants.ResponseTypes.Code
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The specified 'redirect_uri' parameter is not valid for this client application.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -757,19 +757,19 @@ namespace OpenIddict.Server.Internal.Tests
 
                 instance.Setup(mock => mock.HasPermissionAsync(application,
                     OpenIddictConstants.Permissions.Prefixes.Scope +
-                    OpenIdConnectConstants.Scopes.Profile, It.IsAny<CancellationToken>()))
+                    OpenIddictConstants.Scopes.Profile, It.IsAny<CancellationToken>()))
                     .ReturnsAsync(true);
 
                 instance.Setup(mock => mock.HasPermissionAsync(application,
                     OpenIddictConstants.Permissions.Prefixes.Scope +
-                    OpenIdConnectConstants.Scopes.Email, It.IsAny<CancellationToken>()))
+                    OpenIddictConstants.Scopes.Email, It.IsAny<CancellationToken>()))
                     .ReturnsAsync(false);
             });
 
             var server = CreateAuthorizationServer(builder =>
             {
                 builder.Services.AddSingleton(manager);
-                builder.RegisterScopes(OpenIdConnectConstants.Scopes.Email, OpenIdConnectConstants.Scopes.Profile);
+                builder.RegisterScopes(OpenIddictConstants.Scopes.Email, OpenIddictConstants.Scopes.Profile);
                 builder.Configure(options => options.IgnoreScopePermissions = false);
             });
 
@@ -780,26 +780,26 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code,
+                ResponseType = OpenIddictConstants.ResponseTypes.Code,
                 Scope = "openid offline_access profile email"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("This client application is not allowed to use the specified scope.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.HasPermissionAsync(application,
                 OpenIddictConstants.Permissions.Prefixes.Scope +
-                OpenIdConnectConstants.Scopes.OpenId, It.IsAny<CancellationToken>()), Times.Never());
+                OpenIddictConstants.Scopes.OpenId, It.IsAny<CancellationToken>()), Times.Never());
             Mock.Get(manager).Verify(mock => mock.HasPermissionAsync(application,
                 OpenIddictConstants.Permissions.Prefixes.Scope +
-                OpenIdConnectConstants.Scopes.OfflineAccess, It.IsAny<CancellationToken>()), Times.Never());
+                OpenIddictConstants.Scopes.OfflineAccess, It.IsAny<CancellationToken>()), Times.Never());
             Mock.Get(manager).Verify(mock => mock.HasPermissionAsync(application,
                 OpenIddictConstants.Permissions.Prefixes.Scope +
-                OpenIdConnectConstants.Scopes.Profile, It.IsAny<CancellationToken>()), Times.Once());
+                OpenIddictConstants.Scopes.Profile, It.IsAny<CancellationToken>()), Times.Once());
             Mock.Get(manager).Verify(mock => mock.HasPermissionAsync(application,
                 OpenIddictConstants.Permissions.Prefixes.Scope +
-                OpenIdConnectConstants.Scopes.Email, It.IsAny<CancellationToken>()), Times.Once());
+                OpenIddictConstants.Scopes.Email, It.IsAny<CancellationToken>()), Times.Once());
         }
 
         [Fact]
@@ -845,10 +845,10 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Token
+                ResponseType = OpenIddictConstants.ResponseTypes.Token
             });
 
-            var identifier = (string) response[OpenIdConnectConstants.Parameters.RequestId];
+            var identifier = (string) response[OpenIddictConstants.Parameters.RequestId];
 
             // Assert
             Assert.Single(response.GetParameters());
@@ -916,7 +916,7 @@ namespace OpenIddict.Server.Internal.Tests
                 Nonce = "n-0S6_WzA2Mj",
                 RedirectUri = "http://www.fabrikam.com/path",
                 ResponseType = type,
-                Scope = OpenIdConnectConstants.Scopes.OpenId
+                Scope = OpenIddictConstants.Scopes.OpenId
             });
 
             // Assert
@@ -933,7 +933,7 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Token
+                ResponseType = OpenIddictConstants.ResponseTypes.Token
             };
 
             var stream = new MemoryStream();
@@ -1008,7 +1008,7 @@ namespace OpenIddict.Server.Internal.Tests
             var response = await client.SendAsync(HttpMethods.Put, AuthorizationEndpoint, new OpenIdConnectRequest());
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The specified HTTP method is not valid.", response.ErrorDescription);
         }
 
@@ -1032,7 +1032,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, (string) response["error_custom"]);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, (string) response["error_custom"]);
         }
     }
 }

test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Discovery.cs

@@ -9,6 +9,7 @@ using System.Threading.Tasks;
 using AspNet.Security.OpenIdConnect.Client;
 using AspNet.Security.OpenIdConnect.Primitives;
 using Newtonsoft.Json.Linq;
+using OpenIddict.Abstractions;
 using Xunit;
 
 namespace OpenIddict.Server.Internal.Tests
@@ -33,11 +34,11 @@ namespace OpenIddict.Server.Internal.Tests
         }
 
         [Theory]
-        [InlineData(OpenIdConnectConstants.GrantTypes.AuthorizationCode)]
+        [InlineData(OpenIddictConstants.GrantTypes.AuthorizationCode)]
-        [InlineData(OpenIdConnectConstants.GrantTypes.ClientCredentials)]
+        [InlineData(OpenIddictConstants.GrantTypes.ClientCredentials)]
-        [InlineData(OpenIdConnectConstants.GrantTypes.Implicit)]
+        [InlineData(OpenIddictConstants.GrantTypes.Implicit)]
-        [InlineData(OpenIdConnectConstants.GrantTypes.Password)]
+        [InlineData(OpenIddictConstants.GrantTypes.Password)]
-        [InlineData(OpenIdConnectConstants.GrantTypes.RefreshToken)]
+        [InlineData(OpenIddictConstants.GrantTypes.RefreshToken)]
         public async Task HandleConfigurationRequest_EnabledFlowsAreReturned(string flow)
         {
             // Arrange
@@ -69,7 +70,7 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 builder.Configure(options =>
                 {
-                    options.GrantTypes.Remove(OpenIdConnectConstants.GrantTypes.RefreshToken);
+                    options.GrantTypes.Remove(OpenIddictConstants.GrantTypes.RefreshToken);
                     options.Scopes.Clear();
                 });
             });
@@ -84,7 +85,7 @@ namespace OpenIddict.Server.Internal.Tests
         }
 
         [Theory]
-        [InlineData(OpenIdConnectConstants.Scopes.OpenId)]
+        [InlineData(OpenIddictConstants.Scopes.OpenId)]
         public async Task HandleConfigurationRequest_DefaultScopesAreReturned(string scope)
         {
             // Arrange
@@ -133,7 +134,7 @@ namespace OpenIddict.Server.Internal.Tests
             var response = await client.GetAsync(ConfigurationEndpoint);
 
             // Assert
-            Assert.Contains(OpenIdConnectConstants.Scopes.OfflineAccess,
+            Assert.Contains(OpenIddictConstants.Scopes.OfflineAccess,
                 ((JArray) response[OpenIdConnectConstants.Metadata.ScopesSupported]).Values<string>());
         }
 
@@ -147,7 +148,7 @@ namespace OpenIddict.Server.Internal.Tests
                 {
                     // Note: at least one flow must be enabled.
                     options.GrantTypes.Clear();
-                    options.GrantTypes.Add(OpenIdConnectConstants.GrantTypes.AuthorizationCode);
+                    options.GrantTypes.Add(OpenIddictConstants.GrantTypes.AuthorizationCode);
                 });
             });
 
@@ -157,7 +158,7 @@ namespace OpenIddict.Server.Internal.Tests
             var response = await client.GetAsync(ConfigurationEndpoint);
 
             // Assert
-            Assert.DoesNotContain(OpenIdConnectConstants.Scopes.OfflineAccess,
+            Assert.DoesNotContain(OpenIddictConstants.Scopes.OfflineAccess,
                 ((JArray) response[OpenIdConnectConstants.Metadata.ScopesSupported]).Values<string>());
         }
 
@@ -193,12 +194,12 @@ namespace OpenIddict.Server.Internal.Tests
 
             // Assert
             Assert.Equal(6, claims.Length);
-            Assert.Contains(OpenIdConnectConstants.Claims.Audience, claims);
+            Assert.Contains(OpenIddictConstants.Claims.Audience, claims);
-            Assert.Contains(OpenIdConnectConstants.Claims.ExpiresAt, claims);
+            Assert.Contains(OpenIddictConstants.Claims.ExpiresAt, claims);
-            Assert.Contains(OpenIdConnectConstants.Claims.IssuedAt, claims);
+            Assert.Contains(OpenIddictConstants.Claims.IssuedAt, claims);
-            Assert.Contains(OpenIdConnectConstants.Claims.Issuer, claims);
+            Assert.Contains(OpenIddictConstants.Claims.Issuer, claims);
-            Assert.Contains(OpenIdConnectConstants.Claims.JwtId, claims);
+            Assert.Contains(OpenIddictConstants.Claims.JwtId, claims);
-            Assert.Contains(OpenIdConnectConstants.Claims.Subject, claims);
+            Assert.Contains(OpenIddictConstants.Claims.Subject, claims);
         }
 
         [Fact]

test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Exchange.cs

@@ -23,10 +23,10 @@ namespace OpenIddict.Server.Internal.Tests
     public partial class OpenIddictServerProviderTests
     {
         [Theory]
-        [InlineData(OpenIdConnectConstants.GrantTypes.AuthorizationCode)]
+        [InlineData(OpenIddictConstants.GrantTypes.AuthorizationCode)]
-        [InlineData(OpenIdConnectConstants.GrantTypes.ClientCredentials)]
+        [InlineData(OpenIddictConstants.GrantTypes.ClientCredentials)]
-        [InlineData(OpenIdConnectConstants.GrantTypes.Password)]
+        [InlineData(OpenIddictConstants.GrantTypes.Password)]
-        [InlineData(OpenIdConnectConstants.GrantTypes.RefreshToken)]
+        [InlineData(OpenIddictConstants.GrantTypes.RefreshToken)]
         public async Task ValidateTokenRequest_RequestIsRejectedWhenFlowIsNotEnabled(string flow)
         {
             // Arrange
@@ -48,7 +48,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.UnsupportedGrantType, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.UnsupportedGrantType, response.Error);
             Assert.Equal("The specified 'grant_type' parameter is not supported.", response.ErrorDescription);
         }
 
@@ -58,7 +58,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Arrange
             var server = CreateAuthorizationServer(builder =>
             {
-                builder.Configure(options => options.GrantTypes.Remove(OpenIdConnectConstants.GrantTypes.RefreshToken));
+                builder.Configure(options => options.GrantTypes.Remove(OpenIddictConstants.GrantTypes.RefreshToken));
             });
 
             var client = new OpenIdConnectClient(server.CreateClient());
@@ -66,14 +66,14 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w",
-                Scope = OpenIdConnectConstants.Scopes.OfflineAccess
+                Scope = OpenIddictConstants.Scopes.OfflineAccess
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The 'offline_access' scope is not allowed.", response.ErrorDescription);
         }
 
@@ -90,12 +90,12 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 Code = "SplxlOBeZQQYbYS6WxSbIA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = null
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The mandatory 'redirect_uri' parameter is missing.", response.ErrorDescription);
         }
 
@@ -119,14 +119,14 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w",
                 Scope = "unregistered_scope"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidScope, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidScope, response.Error);
             Assert.Equal("The specified 'scope' parameter is not valid.", response.ErrorDescription);
         }
 
@@ -144,7 +144,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w",
                 Scope = "registered_scope"
@@ -186,7 +186,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w",
                 Scope = "scope_registered_in_database scope_registered_in_options"
@@ -210,12 +210,12 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.ClientCredentials,
+                GrantType = OpenIddictConstants.GrantTypes.ClientCredentials,
-                Scope = OpenIdConnectConstants.Scopes.OfflineAccess
+                Scope = OpenIddictConstants.Scopes.OfflineAccess
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The 'offline_access' scope is not valid for the specified 'grant_type' parameter.", response.ErrorDescription);
         }
 
@@ -234,11 +234,11 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = identifier,
                 ClientSecret = secret,
-                GrantType = OpenIdConnectConstants.GrantTypes.ClientCredentials
+                GrantType = OpenIddictConstants.GrantTypes.ClientCredentials
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The 'client_id' and 'client_secret' parameters are " +
                          "required when using the client credentials grant.", response.ErrorDescription);
         }
@@ -258,13 +258,13 @@ namespace OpenIddict.Server.Internal.Tests
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
                 ClientId = null,
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The mandatory 'client_id' parameter is missing.", response.ErrorDescription);
         }
 
@@ -289,13 +289,13 @@ namespace OpenIddict.Server.Internal.Tests
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
                 ClientId = "Fabrikam",
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidClient, response.Error);
             Assert.Equal("The specified 'client_id' parameter is invalid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -330,13 +330,13 @@ namespace OpenIddict.Server.Internal.Tests
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
                 ClientId = "Fabrikam",
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.UnauthorizedClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.UnauthorizedClient, response.Error);
             Assert.Equal("This client application is not allowed to use the token endpoint.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -373,13 +373,13 @@ namespace OpenIddict.Server.Internal.Tests
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
                 ClientId = "Fabrikam",
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.UnauthorizedClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.UnauthorizedClient, response.Error);
             Assert.Equal("This client application is not allowed to use the specified grant type.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -420,14 +420,14 @@ namespace OpenIddict.Server.Internal.Tests
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
                 ClientId = "Fabrikam",
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w",
-                Scope = OpenIdConnectConstants.Scopes.OfflineAccess
+                Scope = OpenIddictConstants.Scopes.OfflineAccess
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The client application is not allowed to use the 'offline_access' scope.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.HasPermissionAsync(application,
@@ -461,11 +461,11 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 ClientSecret = "7Fjfp0ZBr1KtDRbnfVdmIw",
-                GrantType = OpenIdConnectConstants.GrantTypes.ClientCredentials
+                GrantType = OpenIddictConstants.GrantTypes.ClientCredentials
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.UnauthorizedClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.UnauthorizedClient, response.Error);
             Assert.Equal("The specified 'grant_type' parameter is not valid for this client application.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -499,13 +499,13 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 ClientSecret = "7Fjfp0ZBr1KtDRbnfVdmIw",
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The 'client_secret' parameter is not valid for this client application.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -539,13 +539,13 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 ClientSecret = null,
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidClient, response.Error);
             Assert.Equal("The 'client_secret' parameter required for this client application is missing.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -579,13 +579,13 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 ClientSecret = null,
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidClient, response.Error);
             Assert.Equal("The 'client_secret' parameter required for this client application is missing.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -622,13 +622,13 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 ClientSecret = "7Fjfp0ZBr1KtDRbnfVdmIw",
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidClient, response.Error);
             Assert.Equal("The specified client credentials are invalid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -655,12 +655,12 @@ namespace OpenIddict.Server.Internal.Tests
 
                 instance.Setup(mock => mock.HasPermissionAsync(application,
                     OpenIddictConstants.Permissions.Prefixes.Scope +
-                    OpenIdConnectConstants.Scopes.Profile, It.IsAny<CancellationToken>()))
+                    OpenIddictConstants.Scopes.Profile, It.IsAny<CancellationToken>()))
                     .ReturnsAsync(true);
 
                 instance.Setup(mock => mock.HasPermissionAsync(application,
                     OpenIddictConstants.Permissions.Prefixes.Scope +
-                    OpenIdConnectConstants.Scopes.Email, It.IsAny<CancellationToken>()))
+                    OpenIddictConstants.Scopes.Email, It.IsAny<CancellationToken>()))
                     .ReturnsAsync(false);
 
                 instance.Setup(mock => mock.ValidateRedirectUriAsync(application, "http://www.fabrikam.com/path", It.IsAny<CancellationToken>()))
@@ -670,7 +670,7 @@ namespace OpenIddict.Server.Internal.Tests
             var server = CreateAuthorizationServer(builder =>
             {
                 builder.Services.AddSingleton(manager);
-                builder.RegisterScopes(OpenIdConnectConstants.Scopes.Email, OpenIdConnectConstants.Scopes.Profile);
+                builder.RegisterScopes(OpenIddictConstants.Scopes.Email, OpenIddictConstants.Scopes.Profile);
                 builder.Configure(options => options.IgnoreScopePermissions = false);
             });
 
@@ -681,28 +681,28 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 ClientSecret = "7Fjfp0ZBr1KtDRbnfVdmIw",
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w",
                 Scope = "openid offline_access profile email"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("This client application is not allowed to use the specified scope.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.HasPermissionAsync(application,
                 OpenIddictConstants.Permissions.Prefixes.Scope +
-                OpenIdConnectConstants.Scopes.OpenId, It.IsAny<CancellationToken>()), Times.Never());
+                OpenIddictConstants.Scopes.OpenId, It.IsAny<CancellationToken>()), Times.Never());
             Mock.Get(manager).Verify(mock => mock.HasPermissionAsync(application,
                 OpenIddictConstants.Permissions.Prefixes.Scope +
-                OpenIdConnectConstants.Scopes.OfflineAccess, It.IsAny<CancellationToken>()), Times.Never());
+                OpenIddictConstants.Scopes.OfflineAccess, It.IsAny<CancellationToken>()), Times.Never());
             Mock.Get(manager).Verify(mock => mock.HasPermissionAsync(application,
                 OpenIddictConstants.Permissions.Prefixes.Scope +
-                OpenIdConnectConstants.Scopes.Profile, It.IsAny<CancellationToken>()), Times.Once());
+                OpenIddictConstants.Scopes.Profile, It.IsAny<CancellationToken>()), Times.Once());
             Mock.Get(manager).Verify(mock => mock.HasPermissionAsync(application,
                 OpenIddictConstants.Permissions.Prefixes.Scope +
-                OpenIdConnectConstants.Scopes.Email, It.IsAny<CancellationToken>()), Times.Once());
+                OpenIddictConstants.Scopes.Email, It.IsAny<CancellationToken>()), Times.Once());
         }
 
         [Fact]
@@ -750,7 +750,7 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 Code = "SplxlOBeZQQYbYS6WxSbIA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
@@ -800,7 +800,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
@@ -857,12 +857,12 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 Code = "SplxlOBeZQQYbYS6WxSbIA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified authorization code is invalid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("3E228451-1555-46F7-A471-951EFBA23A56", It.IsAny<CancellationToken>()), Times.Once());
@@ -914,12 +914,12 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified refresh token is invalid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("60FFF7EA-F98E-437B-937E-5073CC313103", It.IsAny<CancellationToken>()), Times.Once());
@@ -982,12 +982,12 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 Code = "SplxlOBeZQQYbYS6WxSbIA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified authorization code has already been redeemed.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("3E228451-1555-46F7-A471-951EFBA23A56", It.IsAny<CancellationToken>()), Times.Once());
@@ -1048,12 +1048,12 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified refresh token has already been redeemed.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("60FFF7EA-F98E-437B-937E-5073CC313103", It.IsAny<CancellationToken>()), Times.Once());
@@ -1132,12 +1132,12 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 Code = "SplxlOBeZQQYbYS6WxSbIA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified authorization code has already been redeemed.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("18D15F73-BE2B-6867-DC01-B3C1E8AFDED0", It.IsAny<CancellationToken>()), Times.Once());
@@ -1213,12 +1213,12 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified refresh token has already been redeemed.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("18D15F73-BE2B-6867-DC01-B3C1E8AFDED0", It.IsAny<CancellationToken>()), Times.Once());
@@ -1306,12 +1306,12 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 Code = "SplxlOBeZQQYbYS6WxSbIA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified authorization code has already been redeemed.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("3E228451-1555-46F7-A471-951EFBA23A56", It.IsAny<CancellationToken>()), Times.Once());
@@ -1399,12 +1399,12 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified refresh token has already been redeemed.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("3E228451-1555-46F7-A471-951EFBA23A56", It.IsAny<CancellationToken>()), Times.Once());
@@ -1474,12 +1474,12 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 Code = "SplxlOBeZQQYbYS6WxSbIA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified authorization code is no longer valid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("3E228451-1555-46F7-A471-951EFBA23A56", It.IsAny<CancellationToken>()), Times.Once());
@@ -1544,12 +1544,12 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified refresh token is no longer valid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("60FFF7EA-F98E-437B-937E-5073CC313103", It.IsAny<CancellationToken>()), Times.Once());
@@ -1627,7 +1627,7 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 Code = "SplxlOBeZQQYbYS6WxSbIA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
@@ -1710,7 +1710,7 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 Code = "SplxlOBeZQQYbYS6WxSbIA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
@@ -1789,12 +1789,12 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 Code = "SplxlOBeZQQYbYS6WxSbIA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The authorization associated with the authorization code is no longer valid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("18D15F73-BE2B-6867-DC01-B3C1E8AFDED0", It.IsAny<CancellationToken>()), Times.Once());
@@ -1874,12 +1874,12 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 Code = "SplxlOBeZQQYbYS6WxSbIA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The authorization associated with the authorization code is no longer valid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("18D15F73-BE2B-6867-DC01-B3C1E8AFDED0", It.IsAny<CancellationToken>()), Times.Once());
@@ -1953,12 +1953,12 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The authorization associated with the refresh token is no longer valid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("18D15F73-BE2B-6867-DC01-B3C1E8AFDED0", It.IsAny<CancellationToken>()), Times.Once());
@@ -2036,12 +2036,12 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The authorization associated with the refresh token is no longer valid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("18D15F73-BE2B-6867-DC01-B3C1E8AFDED0", It.IsAny<CancellationToken>()), Times.Once());
@@ -2049,16 +2049,16 @@ namespace OpenIddict.Server.Internal.Tests
         }
 
         [Theory]
-        [InlineData(OpenIdConnectConstants.GrantTypes.AuthorizationCode)]
+        [InlineData(OpenIddictConstants.GrantTypes.AuthorizationCode)]
-        [InlineData(OpenIdConnectConstants.GrantTypes.ClientCredentials)]
+        [InlineData(OpenIddictConstants.GrantTypes.ClientCredentials)]
-        [InlineData(OpenIdConnectConstants.GrantTypes.Password)]
+        [InlineData(OpenIddictConstants.GrantTypes.Password)]
-        [InlineData(OpenIdConnectConstants.GrantTypes.RefreshToken)]
+        [InlineData(OpenIddictConstants.GrantTypes.RefreshToken)]
         [InlineData("urn:ietf:params:oauth:grant-type:custom_grant")]
         public async Task HandleTokenRequest_RequestsAreNotHandledLocally(string flow)
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -2069,12 +2069,12 @@ namespace OpenIddict.Server.Internal.Tests
 
             switch (flow)
             {
-                case OpenIdConnectConstants.GrantTypes.AuthorizationCode:
+                case OpenIddictConstants.GrantTypes.AuthorizationCode:
                     ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AuthorizationCode);
                     ticket.SetPresenters("Fabrikam");
                     break;
 
-                case OpenIdConnectConstants.GrantTypes.RefreshToken:
+                case OpenIddictConstants.GrantTypes.RefreshToken:
                     ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken);
                     break;
             }

test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Introspection.cs

@@ -39,7 +39,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The mandatory 'client_id' and/or 'client_secret' parameters are missing.", response.ErrorDescription);
         }
 
@@ -69,7 +69,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidClient, response.Error);
             Assert.Equal("The specified 'client_id' parameter is invalid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -109,7 +109,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.UnauthorizedClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.UnauthorizedClient, response.Error);
             Assert.Equal("This client application is not allowed to use the introspection endpoint.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -148,7 +148,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidClient, response.Error);
             Assert.Equal("This client application is not allowed to use the introspection endpoint.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -189,7 +189,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidClient, response.Error);
             Assert.Equal("The specified client credentials are invalid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -205,7 +205,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -251,7 +251,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             // Assert
             Assert.Single(response.GetParameters());
-            Assert.False((bool) response[OpenIdConnectConstants.Claims.Active]);
+            Assert.False((bool) response[OpenIddictConstants.Claims.Active]);
         }
 
         [Fact]
@@ -259,7 +259,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -305,7 +305,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             // Assert
             Assert.Single(response.GetParameters());
-            Assert.False((bool) response[OpenIdConnectConstants.Claims.Active]);
+            Assert.False((bool) response[OpenIddictConstants.Claims.Active]);
         }
 
         [Fact]
@@ -313,7 +313,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -360,7 +360,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             // Assert
             Assert.Single(response.GetParameters());
-            Assert.False((bool) response[OpenIdConnectConstants.Claims.Active]);
+            Assert.False((bool) response[OpenIddictConstants.Claims.Active]);
         }
 
         [Fact]
@@ -368,7 +368,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var manager = CreateTokenManager(instance =>
             {
@@ -409,7 +409,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             // Assert
             Assert.Single(response.GetParameters());
-            Assert.False((bool) response[OpenIdConnectConstants.Claims.Active]);
+            Assert.False((bool) response[OpenIddictConstants.Claims.Active]);
 
 
             Mock.Get(manager).Verify(mock => mock.FindByReferenceIdAsync("QaTk2f6UPe9trKismGBJr0OIs0KqpvNrqRsJqGuJAAI", It.IsAny<CancellationToken>()), Times.Once());
@@ -420,7 +420,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -501,7 +501,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             // Assert
             Assert.Single(response.GetParameters());
-            Assert.False((bool) response[OpenIdConnectConstants.Claims.Active]);
+            Assert.False((bool) response[OpenIddictConstants.Claims.Active]);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("18D15F73-BE2B-6867-DC01-B3C1E8AFDED0", It.IsAny<CancellationToken>()), Times.Never());
         }
@@ -511,7 +511,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -591,7 +591,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             // Assert
             Assert.Single(response.GetParameters());
-            Assert.False((bool) response[OpenIdConnectConstants.Claims.Active]);
+            Assert.False((bool) response[OpenIddictConstants.Claims.Active]);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("18D15F73-BE2B-6867-DC01-B3C1E8AFDED0", It.IsAny<CancellationToken>()), Times.Once());
         }
@@ -601,7 +601,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -686,7 +686,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             // Assert
             Assert.Single(response.GetParameters());
-            Assert.False((bool) response[OpenIdConnectConstants.Claims.Active]);
+            Assert.False((bool) response[OpenIddictConstants.Claims.Active]);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("18D15F73-BE2B-6867-DC01-B3C1E8AFDED0", It.IsAny<CancellationToken>()), Times.Once());
             Mock.Get(manager).Verify(mock => mock.IsValidAsync(authorization, It.IsAny<CancellationToken>()), Times.Once());
@@ -697,7 +697,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -768,7 +768,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             // Assert
             Assert.Single(response.GetParameters());
-            Assert.False((bool) response[OpenIdConnectConstants.Claims.Active]);
+            Assert.False((bool) response[OpenIddictConstants.Claims.Active]);
 
             Mock.Get(manager).Verify(mock => mock.FindByReferenceIdAsync("QaTk2f6UPe9trKismGBJr0OIs0KqpvNrqRsJqGuJAAI", It.IsAny<CancellationToken>()), Times.Once());
             Mock.Get(manager).Verify(mock => mock.IsValidAsync(token, It.IsAny<CancellationToken>()), Times.Once());

test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Revocation.cs

@@ -41,7 +41,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.UnsupportedTokenType, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.UnsupportedTokenType, response.Error);
             Assert.Equal("The specified 'token_type_hint' parameter is not supported.", response.ErrorDescription);
         }
 
@@ -64,7 +64,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The mandatory 'client_id' parameter is missing.", response.ErrorDescription);
         }
 
@@ -94,7 +94,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidClient, response.Error);
             Assert.Equal("The specified 'client_id' parameter is invalid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -135,7 +135,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.UnauthorizedClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.UnauthorizedClient, response.Error);
             Assert.Equal("This client application is not allowed to use the revocation endpoint.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -175,7 +175,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The 'client_secret' parameter is not valid for this client application.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -214,7 +214,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidClient, response.Error);
             Assert.Equal("The 'client_secret' parameter required for this client application is missing.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -253,7 +253,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidClient, response.Error);
             Assert.Equal("The 'client_secret' parameter required for this client application is missing.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -295,7 +295,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidClient, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidClient, response.Error);
             Assert.Equal("The specified client credentials are invalid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByClientIdAsync("Fabrikam", It.IsAny<CancellationToken>()), Times.Once());
@@ -334,7 +334,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.UnsupportedTokenType, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.UnsupportedTokenType, response.Error);
             Assert.Equal("The specified token cannot be revoked.", response.ErrorDescription);
 
             format.Verify(mock => mock.Unprotect("SlAV32hkKG"), Times.Once());
@@ -349,7 +349,7 @@ namespace OpenIddict.Server.Internal.Tests
                 mock.ValidTo == DateTime.UtcNow.AddDays(1));
 
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.TokenUsage, OpenIdConnectConstants.TokenUsages.IdToken);
+            identity.AddClaim(OpenIddictConstants.Claims.TokenUsage, OpenIdConnectConstants.TokenUsages.IdToken);
 
             var handler = new Mock<JwtSecurityTokenHandler>();
 
@@ -374,7 +374,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.UnsupportedTokenType, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.UnsupportedTokenType, response.Error);
             Assert.Equal("The specified token cannot be revoked.", response.ErrorDescription);
 
             handler.As<ISecurityTokenValidator>()

test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Serialization.cs

@@ -65,7 +65,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             // Assert
             Assert.Single(response.GetParameters());
-            Assert.False((bool) response[OpenIdConnectConstants.Claims.Active]);
+            Assert.False((bool) response[OpenIddictConstants.Claims.Active]);
 
             format.Verify(mock => mock.Unprotect("2YotnFZFEjr1zCsicMWpAA"), Times.Never());
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("3E228451-1555-46F7-A471-951EFBA23A56", It.IsAny<CancellationToken>()), Times.Never());
@@ -76,7 +76,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -136,7 +136,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.True((bool) response[OpenIdConnectConstants.Claims.Active]);
+            Assert.True((bool) response[OpenIddictConstants.Claims.Active]);
 
             format.Verify(mock => mock.Unprotect("2YotnFZFEjr1zCsicMWpAA"), Times.Once());
             Mock.Get(manager).Verify(mock => mock.FindByReferenceIdAsync(It.IsAny<string>(), It.IsAny<CancellationToken>()), Times.Never());
@@ -191,7 +191,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             // Assert
             Assert.Single(response.GetParameters());
-            Assert.False((bool) response[OpenIdConnectConstants.Claims.Active]);
+            Assert.False((bool) response[OpenIddictConstants.Claims.Active]);
 
             Mock.Get(manager).Verify(mock => mock.FindByReferenceIdAsync("HQnldPTjH_9m85GcS-5PPYaCxmJTt1umxOa2y9ggVUQ", It.IsAny<CancellationToken>()), Times.Once());
             Mock.Get(manager).Verify(mock => mock.GetIdAsync(token, It.IsAny<CancellationToken>()), Times.AtLeastOnce());
@@ -249,7 +249,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             // Assert
             Assert.Single(response.GetParameters());
-            Assert.False((bool) response[OpenIdConnectConstants.Claims.Active]);
+            Assert.False((bool) response[OpenIddictConstants.Claims.Active]);
 
             Mock.Get(manager).Verify(mock => mock.FindByReferenceIdAsync("HQnldPTjH_9m85GcS-5PPYaCxmJTt1umxOa2y9ggVUQ", It.IsAny<CancellationToken>()), Times.Once());
             Mock.Get(manager).Verify(mock => mock.GetIdAsync(token, It.IsAny<CancellationToken>()), Times.AtLeastOnce());
@@ -314,7 +314,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             // Assert
             Assert.Single(response.GetParameters());
-            Assert.False((bool) response[OpenIdConnectConstants.Claims.Active]);
+            Assert.False((bool) response[OpenIddictConstants.Claims.Active]);
 
             Mock.Get(manager).Verify(mock => mock.FindByReferenceIdAsync("HQnldPTjH_9m85GcS-5PPYaCxmJTt1umxOa2y9ggVUQ", It.IsAny<CancellationToken>()), Times.Once());
             Mock.Get(manager).Verify(mock => mock.GetIdAsync(token, It.IsAny<CancellationToken>()), Times.AtLeastOnce());
@@ -326,7 +326,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -409,10 +409,10 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.True((bool) response[OpenIdConnectConstants.Claims.Active]);
+            Assert.True((bool) response[OpenIddictConstants.Claims.Active]);
-            Assert.Equal("070AAEDE-38BF-41BE-870C-4E5A73E54566", response[OpenIdConnectConstants.Claims.JwtId]);
+            Assert.Equal("070AAEDE-38BF-41BE-870C-4E5A73E54566", response[OpenIddictConstants.Claims.JwtId]);
-            Assert.Equal(1483228800, (long) response[OpenIdConnectConstants.Claims.IssuedAt]);
+            Assert.Equal(1483228800, (long) response[OpenIddictConstants.Claims.IssuedAt]);
-            Assert.Equal(1484006400, (long) response[OpenIdConnectConstants.Claims.ExpiresAt]);
+            Assert.Equal(1484006400, (long) response[OpenIddictConstants.Claims.ExpiresAt]);
 
             Mock.Get(manager).Verify(mock => mock.FindByReferenceIdAsync("HQnldPTjH_9m85GcS-5PPYaCxmJTt1umxOa2y9ggVUQ", It.IsAny<CancellationToken>()), Times.Once());
             Mock.Get(manager).Verify(mock => mock.GetIdAsync(token, It.IsAny<CancellationToken>()), Times.Once());
@@ -457,12 +457,12 @@ namespace OpenIddict.Server.Internal.Tests
                 ClientId = "Fabrikam",
                 ClientSecret = "7Fjfp0ZBr1KtDRbnfVdmIw",
                 Code = "2YotnFZFEjr1zCsicMWpAA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified authorization code is invalid.", response.ErrorDescription);
 
             format.Verify(mock => mock.Unprotect("2YotnFZFEjr1zCsicMWpAA"), Times.Never());
@@ -474,7 +474,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -532,7 +532,7 @@ namespace OpenIddict.Server.Internal.Tests
                 ClientId = "Fabrikam",
                 ClientSecret = "7Fjfp0ZBr1KtDRbnfVdmIw",
                 Code = "2YotnFZFEjr1zCsicMWpAA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
@@ -587,12 +587,12 @@ namespace OpenIddict.Server.Internal.Tests
                 ClientId = "Fabrikam",
                 ClientSecret = "7Fjfp0ZBr1KtDRbnfVdmIw",
                 Code = "HQnldPTjH_9m85GcS-5PPYaCxmJTt1umxOa2y9ggVUQ",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified authorization code is invalid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByReferenceIdAsync("HQnldPTjH_9m85GcS-5PPYaCxmJTt1umxOa2y9ggVUQ", It.IsAny<CancellationToken>()), Times.Once());
@@ -646,12 +646,12 @@ namespace OpenIddict.Server.Internal.Tests
                 ClientId = "Fabrikam",
                 ClientSecret = "7Fjfp0ZBr1KtDRbnfVdmIw",
                 Code = "HQnldPTjH_9m85GcS-5PPYaCxmJTt1umxOa2y9ggVUQ",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified authorization code is invalid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByReferenceIdAsync("HQnldPTjH_9m85GcS-5PPYaCxmJTt1umxOa2y9ggVUQ", It.IsAny<CancellationToken>()), Times.Once());
@@ -712,12 +712,12 @@ namespace OpenIddict.Server.Internal.Tests
                 ClientId = "Fabrikam",
                 ClientSecret = "7Fjfp0ZBr1KtDRbnfVdmIw",
                 Code = "HQnldPTjH_9m85GcS-5PPYaCxmJTt1umxOa2y9ggVUQ",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified authorization code is invalid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByReferenceIdAsync("HQnldPTjH_9m85GcS-5PPYaCxmJTt1umxOa2y9ggVUQ", It.IsAny<CancellationToken>()), Times.Once());
@@ -730,7 +730,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -807,7 +807,7 @@ namespace OpenIddict.Server.Internal.Tests
                 ClientId = "Fabrikam",
                 ClientSecret = "7Fjfp0ZBr1KtDRbnfVdmIw",
                 Code = "HQnldPTjH_9m85GcS-5PPYaCxmJTt1umxOa2y9ggVUQ",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
@@ -824,7 +824,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -863,12 +863,12 @@ namespace OpenIddict.Server.Internal.Tests
                 ClientId = "Fabrikam",
                 ClientSecret = "7Fjfp0ZBr1KtDRbnfVdmIw",
                 Code = "2YotnFZFEjr1zCsicMWpAA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified authorization code is invalid.", response.ErrorDescription);
         }
 
@@ -908,12 +908,12 @@ namespace OpenIddict.Server.Internal.Tests
                 ClientId = "Fabrikam",
                 ClientSecret = "7Fjfp0ZBr1KtDRbnfVdmIw",
                 Code = "2YotnFZFEjr1zCsicMWpAA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified authorization code is invalid.", response.ErrorDescription);
 
             format.Verify(mock => mock.Unprotect("2YotnFZFEjr1zCsicMWpAA"), Times.Once());
@@ -924,7 +924,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -994,7 +994,7 @@ namespace OpenIddict.Server.Internal.Tests
                 ClientId = "Fabrikam",
                 ClientSecret = "7Fjfp0ZBr1KtDRbnfVdmIw",
                 Code = "2YotnFZFEjr1zCsicMWpAA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
@@ -1040,12 +1040,12 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "2YotnFZFEjr1zCsicMWpAA"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified refresh token is invalid.", response.ErrorDescription);
 
             format.Verify(mock => mock.Unprotect("2YotnFZFEjr1zCsicMWpAA"), Times.Never());
@@ -1057,7 +1057,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -1097,7 +1097,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "2YotnFZFEjr1zCsicMWpAA"
             });
 
@@ -1135,12 +1135,12 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "HQnldPTjH_9m85GcS-5PPYaCxmJTt1umxOa2y9ggVUQ"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified refresh token is invalid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByReferenceIdAsync("HQnldPTjH_9m85GcS-5PPYaCxmJTt1umxOa2y9ggVUQ", It.IsAny<CancellationToken>()), Times.Once());
@@ -1177,12 +1177,12 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "HQnldPTjH_9m85GcS-5PPYaCxmJTt1umxOa2y9ggVUQ"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified refresh token is invalid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByReferenceIdAsync("HQnldPTjH_9m85GcS-5PPYaCxmJTt1umxOa2y9ggVUQ", It.IsAny<CancellationToken>()), Times.Once());
@@ -1226,12 +1226,12 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "HQnldPTjH_9m85GcS-5PPYaCxmJTt1umxOa2y9ggVUQ"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified refresh token is invalid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByReferenceIdAsync("HQnldPTjH_9m85GcS-5PPYaCxmJTt1umxOa2y9ggVUQ", It.IsAny<CancellationToken>()), Times.Once());
@@ -1244,7 +1244,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -1302,7 +1302,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "HQnldPTjH_9m85GcS-5PPYaCxmJTt1umxOa2y9ggVUQ"
             });
 
@@ -1319,7 +1319,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -1341,12 +1341,12 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "2YotnFZFEjr1zCsicMWpAA"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified refresh token is invalid.", response.ErrorDescription);
         }
 
@@ -1369,12 +1369,12 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "2YotnFZFEjr1zCsicMWpAA"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified refresh token is invalid.", response.ErrorDescription);
 
             format.Verify(mock => mock.Unprotect("2YotnFZFEjr1zCsicMWpAA"), Times.Once());
@@ -1385,7 +1385,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -1437,7 +1437,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "2YotnFZFEjr1zCsicMWpAA"
             });
 
@@ -1464,10 +1464,10 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w",
-                Scope = OpenIdConnectConstants.Scopes.OfflineAccess
+                Scope = OpenIddictConstants.Scopes.OfflineAccess
             });
 
             // Assert
@@ -1517,10 +1517,10 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w",
-                Scope = OpenIdConnectConstants.Scopes.OfflineAccess
+                Scope = OpenIddictConstants.Scopes.OfflineAccess
             });
 
             // Assert
@@ -1582,10 +1582,10 @@ namespace OpenIddict.Server.Internal.Tests
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
                 ClientId = "Fabrikam",
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w",
-                Scope = OpenIdConnectConstants.Scopes.OfflineAccess
+                Scope = OpenIddictConstants.Scopes.OfflineAccess
             });
 
             // Assert
@@ -1632,10 +1632,10 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w",
-                Scope = OpenIdConnectConstants.Scopes.OfflineAccess,
+                Scope = OpenIddictConstants.Scopes.OfflineAccess,
                 ["attach-authorization"] = true
             });
 
@@ -1687,7 +1687,7 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code
+                ResponseType = OpenIddictConstants.ResponseTypes.Code
             });
 
             // Assert
@@ -1749,7 +1749,7 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code
+                ResponseType = OpenIddictConstants.ResponseTypes.Code
             });
 
             // Assert
@@ -1822,7 +1822,7 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code
+                ResponseType = OpenIddictConstants.ResponseTypes.Code
             });
 
             // Assert
@@ -1886,7 +1886,7 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code
+                ResponseType = OpenIddictConstants.ResponseTypes.Code
             });
 
             // Assert
@@ -1950,7 +1950,7 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code,
+                ResponseType = OpenIddictConstants.ResponseTypes.Code,
                 ["attach-authorization"] = true
             });
 
@@ -1976,7 +1976,7 @@ namespace OpenIddict.Server.Internal.Tests
                 OpenIddictServerDefaults.AuthenticationScheme);
 
             ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103");
-            ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess);
+            ticket.SetScopes(OpenIddictConstants.Scopes.OpenId, OpenIddictConstants.Scopes.OfflineAccess);
 
             var format = new Mock<ISecureDataFormat<AuthenticationTicket>>();
 
@@ -2024,7 +2024,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
@@ -2057,10 +2057,10 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w",
-                Scope = OpenIdConnectConstants.Scopes.OfflineAccess
+                Scope = OpenIddictConstants.Scopes.OfflineAccess
             });
 
             // Assert
@@ -2103,10 +2103,10 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w",
-                Scope = OpenIdConnectConstants.Scopes.OfflineAccess
+                Scope = OpenIddictConstants.Scopes.OfflineAccess
             });
 
             // Assert
@@ -2160,10 +2160,10 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w",
-                Scope = OpenIdConnectConstants.Scopes.OfflineAccess
+                Scope = OpenIddictConstants.Scopes.OfflineAccess
             });
 
             // Assert
@@ -2223,10 +2223,10 @@ namespace OpenIddict.Server.Internal.Tests
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
                 ClientId = "Fabrikam",
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w",
-                Scope = OpenIdConnectConstants.Scopes.OfflineAccess
+                Scope = OpenIddictConstants.Scopes.OfflineAccess
             });
 
             // Assert
@@ -2271,10 +2271,10 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w",
-                Scope = OpenIdConnectConstants.Scopes.OfflineAccess,
+                Scope = OpenIddictConstants.Scopes.OfflineAccess,
                 ["attach-authorization"] = true
             });
 

test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Session.cs

@@ -37,7 +37,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The 'request_id' parameter is not supported.", response.ErrorDescription);
         }
 
@@ -61,7 +61,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The specified 'request_id' parameter is invalid.", response.ErrorDescription);
         }
 
@@ -84,7 +84,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal(message, response.ErrorDescription);
         }
 
@@ -112,7 +112,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The specified 'post_logout_redirect_uri' parameter is not valid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByPostLogoutRedirectUriAsync("http://www.fabrikam.com/path", It.IsAny<CancellationToken>()), Times.Once());
@@ -154,7 +154,7 @@ namespace OpenIddict.Server.Internal.Tests
                 PostLogoutRedirectUri = "http://www.fabrikam.com/path"
             });
 
-            var identifier = (string) response[OpenIdConnectConstants.Parameters.RequestId];
+            var identifier = (string) response[OpenIddictConstants.Parameters.RequestId];
 
             // Assert
             Assert.Single(response.GetParameters());
@@ -216,7 +216,7 @@ namespace OpenIddict.Server.Internal.Tests
             var response = await client.SendAsync(HttpMethods.Put, LogoutEndpoint, new OpenIdConnectRequest());
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, response.Error);
             Assert.Equal("The specified HTTP method is not valid.", response.ErrorDescription);
         }
 
@@ -244,7 +244,7 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidRequest, (string) response["error_custom"]);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidRequest, (string) response["error_custom"]);
         }
     }
 }

test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Userinfo.cs

@@ -7,6 +7,7 @@
 using System.Threading.Tasks;
 using AspNet.Security.OpenIdConnect.Client;
 using AspNet.Security.OpenIdConnect.Primitives;
+using OpenIddict.Abstractions;
 using Xunit;
 
 namespace OpenIddict.Server.Internal.Tests
@@ -27,8 +28,8 @@ namespace OpenIddict.Server.Internal.Tests
             });
 
             // Assert
-            Assert.Equal("SlAV32hkKG", (string) response[OpenIdConnectConstants.Parameters.AccessToken]);
+            Assert.Equal("SlAV32hkKG", (string) response[OpenIddictConstants.Parameters.AccessToken]);
-            Assert.Equal("Bob le Bricoleur", (string) response[OpenIdConnectConstants.Claims.Subject]);
+            Assert.Equal("Bob le Bricoleur", (string) response[OpenIddictConstants.Claims.Subject]);
         }
     }
 }

test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.cs

@@ -73,7 +73,7 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code,
+                ResponseType = OpenIddictConstants.ResponseTypes.Code,
                 ["attach-public-parameters"] = true,
                 ["deny-authorization"] = true
             });
@@ -97,10 +97,10 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w",
-                Scope = OpenIdConnectConstants.Scopes.OfflineAccess,
+                Scope = OpenIddictConstants.Scopes.OfflineAccess,
                 ["attach-public-parameters"] = true,
                 ["deny-authorization"] = true
             });
@@ -128,7 +128,7 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 return client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
                 {
-                    GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                    GrantType = OpenIddictConstants.GrantTypes.Password,
                     Username = "johndoe",
                     Password = "A3ddj3w",
                     ["use-null-authentication-type"] = true
@@ -147,7 +147,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -156,7 +156,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103");
             ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken);
-            ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess);
+            ticket.SetScopes(OpenIddictConstants.Scopes.OpenId, OpenIddictConstants.Scopes.OfflineAccess);
             ticket.SetProperty("custom_property_in_original_ticket", "original_value");
 
             var format = new Mock<ISecureDataFormat<AuthenticationTicket>>();
@@ -198,7 +198,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8",
                 ["do-not-flow-original-properties"] = true
             });
@@ -218,7 +218,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -228,7 +228,7 @@ namespace OpenIddict.Server.Internal.Tests
             ticket.SetPresenters("Fabrikam");
             ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56");
             ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AuthorizationCode);
-            ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess);
+            ticket.SetScopes(OpenIddictConstants.Scopes.OpenId, OpenIddictConstants.Scopes.OfflineAccess);
 
             var format = new Mock<ISecureDataFormat<AuthenticationTicket>>();
 
@@ -279,7 +279,7 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 Code = "SplxlOBeZQQYbYS6WxSbIA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
@@ -292,7 +292,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -301,7 +301,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103");
             ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken);
-            ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess);
+            ticket.SetScopes(OpenIddictConstants.Scopes.OpenId, OpenIddictConstants.Scopes.OfflineAccess);
 
             var format = new Mock<ISecureDataFormat<AuthenticationTicket>>();
 
@@ -342,7 +342,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
@@ -355,7 +355,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -364,7 +364,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56");
             ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken);
-            ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess);
+            ticket.SetScopes(OpenIddictConstants.Scopes.OpenId, OpenIddictConstants.Scopes.OfflineAccess);
 
             var format = new Mock<ISecureDataFormat<AuthenticationTicket>>();
 
@@ -400,7 +400,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
@@ -413,7 +413,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -468,7 +468,7 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 Code = "SplxlOBeZQQYbYS6WxSbIA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
@@ -482,7 +482,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -540,12 +540,12 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 Code = "SplxlOBeZQQYbYS6WxSbIA",
-                GrantType = OpenIdConnectConstants.GrantTypes.AuthorizationCode,
+                GrantType = OpenIddictConstants.GrantTypes.AuthorizationCode,
                 RedirectUri = "http://www.fabrikam.com/path"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified authorization code is no longer valid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("3E228451-1555-46F7-A471-951EFBA23A56", It.IsAny<CancellationToken>()), Times.Once());
@@ -557,7 +557,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -566,7 +566,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103");
             ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken);
-            ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess);
+            ticket.SetScopes(OpenIddictConstants.Scopes.OpenId, OpenIddictConstants.Scopes.OfflineAccess);
 
             var format = new Mock<ISecureDataFormat<AuthenticationTicket>>();
 
@@ -607,7 +607,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
@@ -623,7 +623,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -632,7 +632,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103");
             ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken);
-            ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess);
+            ticket.SetScopes(OpenIddictConstants.Scopes.OpenId, OpenIddictConstants.Scopes.OfflineAccess);
 
             var format = new Mock<ISecureDataFormat<AuthenticationTicket>>();
 
@@ -676,12 +676,12 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
             // Assert
-            Assert.Equal(OpenIdConnectConstants.Errors.InvalidGrant, response.Error);
+            Assert.Equal(OpenIddictConstants.Errors.InvalidGrant, response.Error);
             Assert.Equal("The specified refresh token is no longer valid.", response.ErrorDescription);
 
             Mock.Get(manager).Verify(mock => mock.FindByIdAsync("60FFF7EA-F98E-437B-937E-5073CC313103", It.IsAny<CancellationToken>()), Times.Once());
@@ -693,7 +693,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -702,7 +702,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103");
             ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken);
-            ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess);
+            ticket.SetScopes(OpenIddictConstants.Scopes.OpenId, OpenIddictConstants.Scopes.OfflineAccess);
 
             var format = new Mock<ISecureDataFormat<AuthenticationTicket>>();
 
@@ -735,7 +735,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
@@ -751,7 +751,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -760,7 +760,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103");
             ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken);
-            ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess);
+            ticket.SetScopes(OpenIddictConstants.Scopes.OpenId, OpenIddictConstants.Scopes.OfflineAccess);
 
             var format = new Mock<ISecureDataFormat<AuthenticationTicket>>();
 
@@ -827,7 +827,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
@@ -845,7 +845,7 @@ namespace OpenIddict.Server.Internal.Tests
         {
             // Arrange
             var identity = new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme);
-            identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Bricoleur");
+            identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Bricoleur");
 
             var ticket = new AuthenticationTicket(
                 new ClaimsPrincipal(identity),
@@ -854,7 +854,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103");
             ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken);
-            ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess);
+            ticket.SetScopes(OpenIddictConstants.Scopes.OpenId, OpenIddictConstants.Scopes.OfflineAccess);
             ticket.SetProperty(OpenIddictConstants.Properties.InternalAuthorizationId, "18D15F73-BE2B-6867-DC01-B3C1E8AFDED0");
 
             var format = new Mock<ISecureDataFormat<AuthenticationTicket>>();
@@ -914,7 +914,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
@@ -939,7 +939,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103");
             ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken);
-            ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess);
+            ticket.SetScopes(OpenIddictConstants.Scopes.OpenId, OpenIddictConstants.Scopes.OfflineAccess);
 
             var format = new Mock<ISecureDataFormat<AuthenticationTicket>>();
 
@@ -984,7 +984,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
@@ -1007,7 +1007,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103");
             ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken);
-            ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess);
+            ticket.SetScopes(OpenIddictConstants.Scopes.OpenId, OpenIddictConstants.Scopes.OfflineAccess);
 
             var format = new Mock<ISecureDataFormat<AuthenticationTicket>>();
 
@@ -1051,7 +1051,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
@@ -1074,7 +1074,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103");
             ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken);
-            ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess);
+            ticket.SetScopes(OpenIddictConstants.Scopes.OpenId, OpenIddictConstants.Scopes.OfflineAccess);
 
             var format = new Mock<ISecureDataFormat<AuthenticationTicket>>();
 
@@ -1119,7 +1119,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
@@ -1140,7 +1140,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103");
             ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken);
-            ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess);
+            ticket.SetScopes(OpenIddictConstants.Scopes.OpenId, OpenIddictConstants.Scopes.OfflineAccess);
 
             var format = new Mock<ISecureDataFormat<AuthenticationTicket>>();
 
@@ -1185,7 +1185,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
@@ -1206,7 +1206,7 @@ namespace OpenIddict.Server.Internal.Tests
 
             ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103");
             ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken);
-            ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess);
+            ticket.SetScopes(OpenIddictConstants.Scopes.OpenId, OpenIddictConstants.Scopes.OfflineAccess);
 
             var format = new Mock<ISecureDataFormat<AuthenticationTicket>>();
 
@@ -1254,7 +1254,7 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.RefreshToken,
+                GrantType = OpenIddictConstants.GrantTypes.RefreshToken,
                 RefreshToken = "8xLOxBtZp8"
             });
 
@@ -1316,7 +1316,7 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code,
+                ResponseType = OpenIddictConstants.ResponseTypes.Code,
             });
 
             // Assert
@@ -1382,7 +1382,7 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code,
+                ResponseType = OpenIddictConstants.ResponseTypes.Code,
             });
 
             // Assert
@@ -1419,7 +1419,7 @@ namespace OpenIddict.Server.Internal.Tests
             {
                 ClientId = "Fabrikam",
                 RedirectUri = "http://www.fabrikam.com/path",
-                ResponseType = OpenIdConnectConstants.ResponseTypes.Code,
+                ResponseType = OpenIddictConstants.ResponseTypes.Code,
                 ["attach-public-parameters"] = true
             });
 
@@ -1442,10 +1442,10 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w",
-                Scope = OpenIdConnectConstants.Scopes.OfflineAccess,
+                Scope = OpenIddictConstants.Scopes.OfflineAccess,
                 ["attach-public-parameters"] = true
             });
 
@@ -1476,10 +1476,10 @@ namespace OpenIddict.Server.Internal.Tests
             // Act
             var response = await client.PostAsync(TokenEndpoint, new OpenIdConnectRequest
             {
-                GrantType = OpenIdConnectConstants.GrantTypes.Password,
+                GrantType = OpenIddictConstants.GrantTypes.Password,
                 Username = "johndoe",
                 Password = "A3ddj3w",
-                Scope = OpenIdConnectConstants.Scopes.OfflineAccess,
+                Scope = OpenIddictConstants.Scopes.OfflineAccess,
                 ["attach-public-parameters"] = true
             });
 
@@ -1605,7 +1605,7 @@ namespace OpenIddict.Server.Internal.Tests
 
                     return context.HttpContext.Response.WriteAsync(JsonConvert.SerializeObject(new
                     {
-                        error_custom = OpenIdConnectConstants.Errors.InvalidRequest
+                        error_custom = OpenIddictConstants.Errors.InvalidRequest
                     }));
                 });
 
@@ -1635,7 +1635,7 @@ namespace OpenIddict.Server.Internal.Tests
                         new ClaimsIdentity(OpenIddictServerDefaults.AuthenticationScheme) :
                         new ClaimsIdentity();
 
-                    identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "Bob le Magnifique");
+                    identity.AddClaim(OpenIddictConstants.Claims.Subject, "Bob le Magnifique");
 
                     var ticket = new AuthenticationTicket(
                         new ClaimsPrincipal(identity),

test/OpenIddict.Server.Tests/OpenIddictServerBuilderTests.cs

@@ -7,9 +7,7 @@
 using System;
 using System.IdentityModel.Tokens.Jwt;
 using System.Reflection;
-using System.Threading;
 using System.Threading.Tasks;
-using AspNet.Security.OpenIdConnect.Primitives;
 using Microsoft.AspNetCore.DataProtection;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Caching.Distributed;
@@ -17,6 +15,7 @@ using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Options;
 using Microsoft.IdentityModel.Tokens;
 using Moq;
+using OpenIddict.Abstractions;
 using Xunit;
 using static OpenIddict.Server.OpenIddictServerEvents;
 
@@ -316,7 +315,7 @@ namespace OpenIddict.Server.Tests
             var options = GetOptions(services);
 
             // Assert
-            Assert.Contains(OpenIdConnectConstants.GrantTypes.AuthorizationCode, options.GrantTypes);
+            Assert.Contains(OpenIddictConstants.GrantTypes.AuthorizationCode, options.GrantTypes);
         }
 
         [Fact]
@@ -332,7 +331,7 @@ namespace OpenIddict.Server.Tests
             var options = GetOptions(services);
 
             // Assert
-            Assert.Contains(OpenIdConnectConstants.GrantTypes.ClientCredentials, options.GrantTypes);
+            Assert.Contains(OpenIddictConstants.GrantTypes.ClientCredentials, options.GrantTypes);
         }
 
         [Fact]
@@ -364,7 +363,7 @@ namespace OpenIddict.Server.Tests
             var options = GetOptions(services);
 
             // Assert
-            Assert.Contains(OpenIdConnectConstants.GrantTypes.Implicit, options.GrantTypes);
+            Assert.Contains(OpenIddictConstants.GrantTypes.Implicit, options.GrantTypes);
         }
 
         [Fact]
@@ -380,7 +379,7 @@ namespace OpenIddict.Server.Tests
             var options = GetOptions(services);
 
             // Assert
-            Assert.Contains(OpenIdConnectConstants.GrantTypes.Password, options.GrantTypes);
+            Assert.Contains(OpenIddictConstants.GrantTypes.Password, options.GrantTypes);
         }
 
         [Fact]
@@ -396,7 +395,7 @@ namespace OpenIddict.Server.Tests
             var options = GetOptions(services);
 
             // Assert
-            Assert.Contains(OpenIdConnectConstants.GrantTypes.RefreshToken, options.GrantTypes);
+            Assert.Contains(OpenIddictConstants.GrantTypes.RefreshToken, options.GrantTypes);
         }
 
         [Fact]