Skip to main content

Abblix.Jwt Namespace

Abblix.Jwt

Abblix.Jwt Namespace

Classes
AuthorizationDetailOne entry in the OAuth 2.0 Rich Authorization Requests authorization_details array (RFC 9396 §2), wrapped over a System.Text.Json.Nodes.JsonNode which is the source of truth for the entry's content. The wrapper exposes the RFC 9396 §2.2 common-data members as strongly-typed accessors that read from and write to the underlying Json directly — the same shape JsonWebTokenPayload uses over its System.Text.Json.Nodes.JsonObject.
ClaimExtensionsProvides extension methods for handling claims, particularly for converting between JWT claims and security claims.
CriticalHeaderContextPer-call context passed to HandleAsync(CriticalHeaderContext, CancellationToken). Reference type with init-only properties so adding a future field is a non-breaking change for handler implementations.
EllipticCurveJsonWebKeyRepresents an Elliptic Curve JSON Web Key (JWK) containing EC-specific cryptographic parameters. Supports both public and private EC keys per RFC 7518 Section 6.2.
EllipticCurveOidsASN.1 object identifiers (OIDs) for NIST-recommended elliptic curves used in ECDSA cryptography.
EllipticCurveTypesElliptic curve identifiers for the JWK "crv" parameter, as defined in RFC 7518 Section 6.2.1.1.
EncryptionAlgorithmsJWE algorithm identifiers ("alg" and "enc" header values) defined in RFC 7516 (JWE) and RFC 7518 Sections 4 (key management) and 5 (content encryption). Constants on this class are recognized by the library; some are listed but not yet supported because their underlying primitives are not provided by .NET (see remarks on each member).
EncryptionAlgorithms.ContentEncryptionContent encryption algorithms ("enc" parameter in the JWE header). These encrypt the JWE payload using the Content Encryption Key produced by the key management algorithm.
EncryptionAlgorithms.KeyManagementKey management algorithms ("alg" parameter in the JWE header). These wrap or derive the Content Encryption Key (CEK) that is then used by a content encryption algorithm.
IanaClaimTypesProvides constants for various JWT and OpenID Connect claim types. Includes both registered claim types and public claim types as defined in various standards. This classification helps in ensuring interoperability across different systems and services by adhering to a common set of identifiers for claims.
IanaClaimTypes.ConfirmationMethodsMember names of the cnf confirmation-method JSON object (RFC 7800 §3.1 / IANA "JWT Confirmation Methods" registry). Each member encodes a different proof-of-possession binding scheme; multiple members can coexist when a deployment uses several schemes concurrently (e.g. mTLS for client authentication and DPoP for token binding).
JsonArrayExtensionsConversion helpers between a raw System.Text.Json.Nodes.JsonArray wire form and a sequence of AuthorizationDetail wrappers. Parallels JsonObjectExtensions for object-shaped claims; here the shape is a JSON array and each element is a wrapper over its underlying System.Text.Json.Nodes.JsonNode.
JsonObjectExtensionsProvides extension methods for the System.Text.Json.Nodes.JsonObject class, enhancing its usability by simplifying the process of accessing and manipulating JSON properties.
JsonWebKeyBase class representing a JSON Web Key (JWK), a versatile structure for representing cryptographic keys using JSON. JWKs are crucial for digital signatures, encryption, and ensuring secure communication in web-based protocols.
JsonWebKeyConverterCustom JSON converter for JsonWebKey that handles polymorphic serialization/deserialization based on the "kty" (key type) discriminator while ensuring the KeyType property is serialized in both polymorphic and direct serialization scenarios.
JsonWebKeyExtensionsProvides extension methods for the JsonWebKey model to simplify the process of populating its properties from different sources. These methods enable easy conversion between JsonWebKey and various cryptographic representations.
JsonWebKeyFactoryA factory for creating JsonWebKey objects for various cryptographic key types. Supports RSA, Elliptic Curve, and symmetric (HMAC) keys for JWT operations.
JsonWebKeyPropertyNamesJSON property names used in the JSON serialization of a JWK as defined in RFC 7517 Section 4 and RFC 7518 Section 6. These are the wire-level names; consumers normally interact with the strongly-typed properties on JsonWebKey and its subclasses.
JsonWebKeySetA JSON Web Key Set (JWK Set) per RFC 7517 Section 5: a JSON document containing an array of JSON Web Keys. Authorization servers publish their JWK Set at the jwks_uri endpoint so that relying parties can discover the keys used to validate or encrypt tokens.
JsonWebKeyTypesValues for the JWK "kty" parameter (RFC 7517 Section 4.1, RFC 7518 Section 6.1) identifying the cryptographic family a key belongs to. Used as the discriminator when deserializing a JsonWebKey into the correct concrete subtype.
JsonWebTokenRepresents a JSON Web Token (JWT), a compact, URL-safe means of representing claims to be transferred between two parties. This record encapsulates the standard JWT structure, offering properties to access and manipulate the header, payload, and claims.
JsonWebTokenConfirmationTyped wrapper over the cnf confirmation-method JSON object (RFC 7800 §3.1). Exposes the proof-of-possession binding members an issued JWT can carry: the mutual-TLS client certificate thumbprint (x5t#S256, RFC 8705 §3.1) and the DPoP proof-key JWK thumbprint (jkt, RFC 9449 §6.1). Symmetric with JsonWebTokenPayload: each member is a typed accessor over the underlying System.Text.Json.Nodes.JsonObject; constants live in ConfirmationMethods so adding a new member is a single-file edit.
JsonWebTokenExtensionsProvides extension methods for handling JSON data within JWTs.
JsonWebTokenHeaderRepresents the header part of a JSON Web Token (JWT), containing metadata about the token such as the type and the algorithm used for signing.
JsonWebTokenPayloadRepresents the payload part of a JSON Web Token (JWT), containing the claims or statements about the subject.
JwtClaimTypesNames of the JWT claims and JOSE header parameters used by this library, including the registered claims from RFC 7519 Section 4.1, common OpenID Connect claims, and several extensions (token exchange, security event tokens, etc.). Use these constants whenever reading from or writing to a JsonWebTokenHeader or JsonWebTokenPayload by raw name.
JwtValidationErrorRepresents an error encountered during the validation of a JSON Web Token (JWT).
OctetJsonWebKeyRepresents a Symmetric JSON Web Key (JWK) containing symmetric key material for algorithms like HMAC. Supports symmetric keys per RFC 7518 Section 6.4.
PublicKeyUsagesValues for the JWK "use" parameter (RFC 7517 Section 4.2), declaring whether a key is intended for signing or encryption. Lets clients pick the right key from a JWK Set when a JWKS contains keys for both purposes.
RsaJsonWebKeyRepresents an RSA JSON Web Key (JWK) containing RSA-specific cryptographic parameters. Supports both public and private RSA keys per RFC 7518 Section 6.3.
ServiceCollectionExtensionsProvides extension methods for Microsoft.Extensions.DependencyInjection.IServiceCollection to register JwT-related services within the application.
SigningAlgorithmsJWS signing algorithm identifiers ("alg" header values) defined in RFC 7518 Section 3. Used to indicate how a JWT was signed and to look up the matching signer or verifier.
ValidationParametersDefines parameters used during the validation of a JSON Web Token (JWT).
Interfaces
ICriticalHeaderHandlerRecipient-side handler for one JWS 'crit' header extension spec (RFC 7515 §4.1.11). Covers «understood AND processed»: the handler applies the extension's recipient-side semantics via HandleAsync(CriticalHeaderContext, CancellationToken). The JOSE header parameter name the handler implements is the DI key it is registered under — see AddCriticalHeaderHandler<THandler>(this IServiceCollection, string) — so name and behaviour are inseparable: a name cannot be registered without a handler behind it.
IJsonWebTokenCreatorDefines the contract for a service that creates JSON Web Tokens (JWTs).
IJsonWebTokenValidatorDefines the contract for a service that validates JSON Web Tokens (JWTs).
Enums
JwtErrorHigh-level categories of JWT processing failures returned by the validator and by callers that consume validated tokens. Pair with ErrorDescription for a human-readable explanation. Categories let callers branch on the failure cause without parsing the description string.
ValidationOptionsSet of flags for specifying various validation options for JWT tokens. These options can be combined using bitwise operations to create a customized set of validation rules.
Delegates
ValidationParameters.ResolveIssuerSigningKeysDelegate(string)Resolves signing keys (JWKs) asynchronously for a specified issuer.
ValidationParameters.ResolveTokenDecryptionKeysDelegate(string)Resolves decryption keys (JWKs) asynchronously for a specified issuer.
ValidationParameters.ValidateAudienceDelegate(IEnumerable<string>)Validates a collection of audiences against expected values.
ValidationParameters.ValidateIssuersDelegate(string)Validates a token issuer against expected values.