JwtAlgorithmsProvider Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Endpoints.Configuration
JwtAlgorithmsProvider Class
Provides JWT algorithm metadata by delegating to JWT creator and validator.
public sealed class JwtAlgorithmsProvider : Abblix.Oidc.Server.Endpoints.Configuration.Interfaces.IJwtAlgorithmsProvider
Inheritance System.Object → JwtAlgorithmsProvider
Implements IJwtAlgorithmsProvider
Constructors
JwtAlgorithmsProvider(IJsonWebTokenCreator, IJsonWebTokenValidator) Constructor
Provides JWT algorithm metadata by delegating to JWT creator and validator.
public JwtAlgorithmsProvider(Abblix.Jwt.IJsonWebTokenCreator jwtCreator, Abblix.Jwt.IJsonWebTokenValidator jwtValidator);
Parameters
jwtCreator IJsonWebTokenCreator
jwtValidator IJsonWebTokenValidator
Properties
JwtAlgorithmsProvider.AuthorizationEncryptionAlgValuesSupported Property
Lists the JWE key-management algorithms (the alg values) the authorization server can use to
encrypt JARM authorization responses, advertised via authorization_encryption_alg_values_supported
(JARM §4).
public System.Collections.Generic.IEnumerable<string> AuthorizationEncryptionAlgValuesSupported { get; }
Implements AuthorizationEncryptionAlgValuesSupported
Property Value
System.Collections.Generic.IEnumerable<System.String>
JwtAlgorithmsProvider.AuthorizationEncryptionEncValuesSupported Property
Lists the JWE content-encryption algorithms (the enc values) the authorization server can use to
encrypt JARM authorization responses, advertised via authorization_encryption_enc_values_supported
(JARM §4).
public System.Collections.Generic.IEnumerable<string> AuthorizationEncryptionEncValuesSupported { get; }
Implements AuthorizationEncryptionEncValuesSupported
Property Value
System.Collections.Generic.IEnumerable<System.String>
JwtAlgorithmsProvider.AuthorizationSigningAlgValuesSupported Property
Lists the JWS algorithms the authorization server uses to sign JARM authorization responses,
advertised via authorization_signing_alg_values_supported (JARM §4).
public System.Collections.Generic.IEnumerable<string> AuthorizationSigningAlgValuesSupported { get; }
Implements AuthorizationSigningAlgValuesSupported
Property Value
System.Collections.Generic.IEnumerable<System.String>
JwtAlgorithmsProvider.BackChannelAuthenticationRequestSigningAlgValuesSupported Property
CIBA Core §7.1.1 requires the signed backchannel authentication request to use an asymmetric algorithm, so both "none" and the symmetric HS* algorithms are excluded here.
public System.Collections.Generic.IEnumerable<string> BackChannelAuthenticationRequestSigningAlgValuesSupported { get; }
Implements BackChannelAuthenticationRequestSigningAlgValuesSupported
Property Value
System.Collections.Generic.IEnumerable<System.String>
JwtAlgorithmsProvider.DpopSigningAlgorithmsSupported Property
Lists the JWS signing algorithms the authorization server accepts on inbound DPoP
proofs (RFC 9449 §5.1 dpop_signing_alg_values_supported): the intersection
of SigningAlgorithmsSupported with the static DPoP-compatible
whitelist. The validator-side set is the source — the AS verifies proofs the
client signs, it does not issue them.
public System.Collections.Generic.IEnumerable<string> DpopSigningAlgorithmsSupported { get; }
Implements DpopSigningAlgorithmsSupported
Property Value
System.Collections.Generic.IEnumerable<System.String>
JwtAlgorithmsProvider.IntrospectionEncryptionAlgValuesSupported Property
Lists the JWE key-management algorithms (the alg values) the authorization server can use to encrypt
JWT introspection responses, advertised via introspection_encryption_alg_values_supported
(RFC 9701 §7).
public System.Collections.Generic.IEnumerable<string> IntrospectionEncryptionAlgValuesSupported { get; }
Implements IntrospectionEncryptionAlgValuesSupported
Property Value
System.Collections.Generic.IEnumerable<System.String>
JwtAlgorithmsProvider.IntrospectionEncryptionEncValuesSupported Property
Lists the JWE content-encryption algorithms (the enc values) the authorization server can use to
encrypt JWT introspection responses, advertised via introspection_encryption_enc_values_supported
(RFC 9701 §7).
public System.Collections.Generic.IEnumerable<string> IntrospectionEncryptionEncValuesSupported { get; }
Implements IntrospectionEncryptionEncValuesSupported
Property Value
System.Collections.Generic.IEnumerable<System.String>
JwtAlgorithmsProvider.IntrospectionSigningAlgValuesSupported Property
Lists the JWS algorithms the authorization server uses to sign JWT introspection responses,
advertised via introspection_signing_alg_values_supported (RFC 9701 §7).
public System.Collections.Generic.IEnumerable<string> IntrospectionSigningAlgValuesSupported { get; }
Implements IntrospectionSigningAlgValuesSupported
Property Value
System.Collections.Generic.IEnumerable<System.String>
JwtAlgorithmsProvider.RequestObjectEncryptionAlgValuesSupported Property
Lists the JWE key-management algorithms (the alg values) the authorization server
accepts when a client encrypts a request object to the server (RFC 9101 §6.1),
advertised via request_object_encryption_alg_values_supported.
public System.Collections.Generic.IEnumerable<string> RequestObjectEncryptionAlgValuesSupported { get; }
Implements RequestObjectEncryptionAlgValuesSupported
Property Value
System.Collections.Generic.IEnumerable<System.String>
JwtAlgorithmsProvider.RequestObjectEncryptionEncValuesSupported Property
Lists the JWE content-encryption algorithms (the enc values) the authorization server
accepts when a client encrypts a request object to the server (RFC 9101 §6.1),
advertised via request_object_encryption_enc_values_supported.
public System.Collections.Generic.IEnumerable<string> RequestObjectEncryptionEncValuesSupported { get; }
Implements RequestObjectEncryptionEncValuesSupported
Property Value
System.Collections.Generic.IEnumerable<System.String>
JwtAlgorithmsProvider.SignedResponseAlgorithmsSupported Property
Lists the signing algorithms supported for ID tokens and UserInfo responses.
public System.Collections.Generic.IEnumerable<string> SignedResponseAlgorithmsSupported { get; }
Implements SignedResponseAlgorithmsSupported
Property Value
System.Collections.Generic.IEnumerable<System.String>
JwtAlgorithmsProvider.SigningAlgorithmsSupported Property
Lists the signing algorithms supported for validating signed requests and authentication.
public System.Collections.Generic.IEnumerable<string> SigningAlgorithmsSupported { get; }
Implements SigningAlgorithmsSupported
Property Value
System.Collections.Generic.IEnumerable<System.String>
JwtAlgorithmsProvider.TokenEndpointAuthSigningAlgValuesSupported Property
RFC 8414 §2 and OpenID Connect Discovery 1.0 §3 both state the value "none" MUST NOT appear in token_endpoint_auth_signing_alg_values_supported — a client authenticates by signing a JWT assertion, so an unsecured assertion would prove nothing. HS* stay because client_secret_jwt legitimately keys on the shared client secret.
public System.Collections.Generic.IEnumerable<string> TokenEndpointAuthSigningAlgValuesSupported { get; }
Implements TokenEndpointAuthSigningAlgValuesSupported