Skip to main content

AuthorizationHandler Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Endpoints.Authorization

AuthorizationHandler Class

Handles authorization requests by fetching, validating, processing and encoding the response.

public class AuthorizationHandler : Abblix.Oidc.Server.Endpoints.Authorization.Interfaces.IAuthorizationHandler

Inheritance System.Object → AuthorizationHandler

Implements IAuthorizationHandler

Constructors

AuthorizationHandler(IAuthorizationRequestFetcher, IAuthorizationRequestValidator, IAuthorizationRequestProcessor, IAuthorizationResponseEncoder) Constructor

Handles authorization requests by fetching, validating, processing and encoding the response.

public AuthorizationHandler(Abblix.Oidc.Server.Endpoints.Authorization.RequestFetching.IAuthorizationRequestFetcher fetcher, Abblix.Oidc.Server.Endpoints.Authorization.Interfaces.IAuthorizationRequestValidator validator, Abblix.Oidc.Server.Endpoints.Authorization.Interfaces.IAuthorizationRequestProcessor processor, Abblix.Oidc.Server.Endpoints.Authorization.Interfaces.IAuthorizationResponseEncoder responseEncoder);

Parameters

fetcher IAuthorizationRequestFetcher

Resolves the effective authorization request, including dereferencing pushed (RFC 9126) or request-object (OIDC Core §6) variants.

validator IAuthorizationRequestValidator

Performs protocol-level validation of the resolved request prior to processing.

processor IAuthorizationRequestProcessor

Produces the validated authorization result projected onto the wire.

responseEncoder IAuthorizationResponseEncoder

Applies iss/scope gating and, for a JARM request, packs the response parameters into the response JWT, at the single convergence point for success and every error variant.

Methods

AuthorizationHandler.HandleAsync(AuthorizationRequest) Method

Asynchronously handles an authorization request by first fetching the request if necessary, validating the request and then processing it to generate an authorization response.

public System.Threading.Tasks.Task<Abblix.Oidc.Server.Endpoints.Authorization.Interfaces.AuthorizationResponse> HandleAsync(Abblix.Oidc.Server.Model.AuthorizationRequest request);

Parameters

request AuthorizationRequest

The authorization request to be handled. This can be a direct request or a reference to an external request that needs to be fetched.

Implements HandleAsync(AuthorizationRequest)

Returns

System.Threading.Tasks.Task<AuthorizationResponse>
A task that returns an AuthorizationResponse. This response can be either an authorization success response or an error response based on the fetching, validation and processing outcomes.

Exceptions

UnexpectedTypeException
Thrown if the validation result is of an unexpected type.

Remarks

The handling process involves three main steps: 1. Fetching of the authorization request if specified by a request or request_uri parameter. 2. Validation of the authorization request against predefined criteria to ensure its legitimacy and completeness. 3. Processing of the validated request to generate an authorization response, which could involve user authentication, consent handling, and token issuance.

This method ensures that only requests meeting the necessary validation criteria are processed, maintaining the integrity and security of the authorization flow.