Skip to main content

Abblix.Oidc.Server.Common Namespace

Abblix.Oidc.Server

Abblix.Oidc.Server.Common Namespace

Classes
AuthorizationContextRepresents the context of an authorization process, encapsulating the key parameters required for processing authorization requests.
AuthorizationContextExtensionsProvides extension methods for working with AuthorizationContext objects, facilitating the conversion between authorization contexts and JWT claims.
ClaimsExtensionsHelpers for working with System.Security.Claims.ClaimsPrincipal and System.Security.Claims.Claim sequences: classify claims as registered/public/private (per IANA), filter or replace them by type, and look up values by claim name in a case-insensitive manner.
CookieRepresents an HTTP cookie along with its options.
CookieOptionsRepresents options for an HTTP cookie, including properties for HTTP-only, essential, secure, path, domain, SameSite attribute, expiration, and maximum age.
HttpRequestMessageExtensionsExtension methods for System.Net.Http.HttpRequestMessage.
InvalidDPoPProofErrorSubtype of OidcError tagging an RFC 9449 §7.1 DPoP proof rejection at a protected endpoint (UserInfo, introspection, revocation). The typed marker lets the response formatter pattern-match deterministically and emit the WWW-Authenticate: DPoP error="invalid_dpop_proof" challenge instead of a Bearer challenge, without string-comparing the error code. Mirrors UseDPoPNonceError.
JsonWebKeyExtensionsProvides extensions for asynchronous operations on a sequence of JsonWebKey objects.
MissingAuthenticationErrorSubtype of OidcError tagging a request to a protected endpoint that carried no authentication information at all. RFC 6750 §3.1: in that case the challenge SHOULD NOT include an error code or other error attributes — a bare WWW-Authenticate header simply tells the client that authentication is required. The error code still drives the internal 401 status-code mapping; only the challenge attributes are suppressed by the builder. Mirrors InvalidDPoPProofError as a typed marker for deterministic pattern matching.
OidcErrorRepresents an error that occurred during OAuth 2.0/OpenID Connect request processing.
ParametersProviderExtracts parameters from an object by serializing it to a JSON element and enumerating its properties. Pure System.Text.Json, framework-neutral — the single implementation both the MVC and Minimal API transports use.
UseDPoPNonceErrorSubtype of OidcError that signals an RFC 9449 §8 nonce-challenge: the DPoP proof either omitted the nonce claim or carried a stale one, and the server is responding with use_dpop_nonce plus a fresh nonce the client must echo on the next attempt. The carried Nonce value travels out through the response formatter as the DPoP-Nonce HTTP header alongside the standard error envelope — the body shape stays {error, error_description}; the nonce rides on a header, not in the JSON.
WwwAuthenticateBuilderBuilds WWW-Authenticate challenge values for the Bearer scheme (RFC 6750 §3) and the DPoP scheme (RFC 9449 §7.1). Endpoint-agnostic and framework-agnostic so the same emission logic serves UserInfo, introspection, revocation, and any future protected endpoint, regardless of whether the host is ASP.NET Core MVC, minimal APIs, or another framework altogether.