It would be nice if the
ProtocolException thrown from
WebServerClient.RefreshAuthorization exposed the error details in the response content. I see this information is captured and serialized by
TokenEndpointProtocolException.GetResponse in my token endpoint but nothing is done with it on the client side aside from logging it. Perhaps it could be de-serialized into something similar to an
AccessTokenFailedResponse object and returned in the
ProtocolException.FaultedMessage property? That way the client can see if the
Error property matches "invalid_grant" rather than making assumptions about the cause of the error. Or even better, an enum representing the possible error values in
section 5.2 of the spec could be used instead of magic protocol strings.