ScopeValidator Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Endpoints.BackChannelAuthentication.Validation
ScopeValidator Class
Validates the scopes in OAuth 2.0 authorization requests for backchannel authentication. This validator ensures that the requested scopes are allowed based on the client's configuration and the type of OAuth flow being used. It checks for scope compatibility and prevents unauthorized or excessive scope requests, reinforcing the security policies and minimizing scope-related vulnerabilities.
public class ScopeValidator : Abblix.Oidc.Server.Endpoints.BackChannelAuthentication.Validation.IBackChannelAuthenticationContextValidator
Inheritance System.Object → ScopeValidator
Implements IBackChannelAuthenticationContextValidator
Constructors
ScopeValidator(IScopeManager) Constructor
Validates the scopes in OAuth 2.0 authorization requests for backchannel authentication. This validator ensures that the requested scopes are allowed based on the client's configuration and the type of OAuth flow being used. It checks for scope compatibility and prevents unauthorized or excessive scope requests, reinforcing the security policies and minimizing scope-related vulnerabilities.
public ScopeValidator(Abblix.Oidc.Server.Features.ScopeManagement.IScopeManager scopeManager);
Parameters
scopeManager IScopeManager
The scope manager used to validate scopes.
Methods
ScopeValidator.ValidateAsync(BackChannelAuthenticationValidationContext) Method
Validates the scopes in the context of the backchannel authentication request, checking if they align with the client's permissions and the OAuth flow. This method prevents the client from requesting unauthorized scopes, such as offline access, unless explicitly allowed by the client's configuration.
public System.Threading.Tasks.Task<Abblix.Oidc.Server.Common.OidcError?> ValidateAsync(Abblix.Oidc.Server.Endpoints.BackChannelAuthentication.Validation.BackChannelAuthenticationValidationContext context);
Parameters
context BackChannelAuthenticationValidationContext
The validation context that includes details about the request and the client.
Implements ValidateAsync(BackChannelAuthenticationValidationContext)
Returns
System.Threading.Tasks.Task<OidcError>
A OidcError if the scope validation fails,
or null if the scopes in the request are valid.