Skip to main content

JwtAlgorithmsProvider Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Endpoints.Configuration

JwtAlgorithmsProvider Class

Provides JWT algorithm metadata by delegating to JWT creator and validator.

public sealed class JwtAlgorithmsProvider : Abblix.Oidc.Server.Endpoints.Configuration.Interfaces.IJwtAlgorithmsProvider

Inheritance System.Object → JwtAlgorithmsProvider

Implements IJwtAlgorithmsProvider

Constructors

JwtAlgorithmsProvider(IJsonWebTokenCreator, IJsonWebTokenValidator) Constructor

Provides JWT algorithm metadata by delegating to JWT creator and validator.

public JwtAlgorithmsProvider(Abblix.Jwt.IJsonWebTokenCreator jwtCreator, Abblix.Jwt.IJsonWebTokenValidator jwtValidator);

Parameters

jwtCreator IJsonWebTokenCreator
jwtValidator IJsonWebTokenValidator

Properties

JwtAlgorithmsProvider.AuthorizationEncryptionAlgValuesSupported Property

Lists the JWE key-management algorithms (the alg values) the authorization server can use to encrypt JARM authorization responses, advertised via authorization_encryption_alg_values_supported (JARM §4).

public System.Collections.Generic.IEnumerable<string> AuthorizationEncryptionAlgValuesSupported { get; }

Implements AuthorizationEncryptionAlgValuesSupported

Property Value

System.Collections.Generic.IEnumerable<System.String>

JwtAlgorithmsProvider.AuthorizationEncryptionEncValuesSupported Property

Lists the JWE content-encryption algorithms (the enc values) the authorization server can use to encrypt JARM authorization responses, advertised via authorization_encryption_enc_values_supported (JARM §4).

public System.Collections.Generic.IEnumerable<string> AuthorizationEncryptionEncValuesSupported { get; }

Implements AuthorizationEncryptionEncValuesSupported

Property Value

System.Collections.Generic.IEnumerable<System.String>

JwtAlgorithmsProvider.AuthorizationSigningAlgValuesSupported Property

Lists the JWS algorithms the authorization server uses to sign JARM authorization responses, advertised via authorization_signing_alg_values_supported (JARM §4).

public System.Collections.Generic.IEnumerable<string> AuthorizationSigningAlgValuesSupported { get; }

Implements AuthorizationSigningAlgValuesSupported

Property Value

System.Collections.Generic.IEnumerable<System.String>

JwtAlgorithmsProvider.BackChannelAuthenticationRequestSigningAlgValuesSupported Property

CIBA Core §7.1.1 requires the signed backchannel authentication request to use an asymmetric algorithm, so both "none" and the symmetric HS* algorithms are excluded here.

public System.Collections.Generic.IEnumerable<string> BackChannelAuthenticationRequestSigningAlgValuesSupported { get; }

Implements BackChannelAuthenticationRequestSigningAlgValuesSupported

Property Value

System.Collections.Generic.IEnumerable<System.String>

JwtAlgorithmsProvider.DpopSigningAlgorithmsSupported Property

Lists the JWS signing algorithms the authorization server accepts on inbound DPoP proofs (RFC 9449 §5.1 dpop_signing_alg_values_supported): the intersection of SigningAlgorithmsSupported with the static DPoP-compatible whitelist. The validator-side set is the source — the AS verifies proofs the client signs, it does not issue them.

public System.Collections.Generic.IEnumerable<string> DpopSigningAlgorithmsSupported { get; }

Implements DpopSigningAlgorithmsSupported

Property Value

System.Collections.Generic.IEnumerable<System.String>

JwtAlgorithmsProvider.IntrospectionEncryptionAlgValuesSupported Property

Lists the JWE key-management algorithms (the alg values) the authorization server can use to encrypt JWT introspection responses, advertised via introspection_encryption_alg_values_supported (RFC 9701 §7).

public System.Collections.Generic.IEnumerable<string> IntrospectionEncryptionAlgValuesSupported { get; }

Implements IntrospectionEncryptionAlgValuesSupported

Property Value

System.Collections.Generic.IEnumerable<System.String>

JwtAlgorithmsProvider.IntrospectionEncryptionEncValuesSupported Property

Lists the JWE content-encryption algorithms (the enc values) the authorization server can use to encrypt JWT introspection responses, advertised via introspection_encryption_enc_values_supported (RFC 9701 §7).

public System.Collections.Generic.IEnumerable<string> IntrospectionEncryptionEncValuesSupported { get; }

Implements IntrospectionEncryptionEncValuesSupported

Property Value

System.Collections.Generic.IEnumerable<System.String>

JwtAlgorithmsProvider.IntrospectionSigningAlgValuesSupported Property

Lists the JWS algorithms the authorization server uses to sign JWT introspection responses, advertised via introspection_signing_alg_values_supported (RFC 9701 §7).

public System.Collections.Generic.IEnumerable<string> IntrospectionSigningAlgValuesSupported { get; }

Implements IntrospectionSigningAlgValuesSupported

Property Value

System.Collections.Generic.IEnumerable<System.String>

JwtAlgorithmsProvider.RequestObjectEncryptionAlgValuesSupported Property

Lists the JWE key-management algorithms (the alg values) the authorization server accepts when a client encrypts a request object to the server (RFC 9101 §6.1), advertised via request_object_encryption_alg_values_supported.

public System.Collections.Generic.IEnumerable<string> RequestObjectEncryptionAlgValuesSupported { get; }

Implements RequestObjectEncryptionAlgValuesSupported

Property Value

System.Collections.Generic.IEnumerable<System.String>

JwtAlgorithmsProvider.RequestObjectEncryptionEncValuesSupported Property

Lists the JWE content-encryption algorithms (the enc values) the authorization server accepts when a client encrypts a request object to the server (RFC 9101 §6.1), advertised via request_object_encryption_enc_values_supported.

public System.Collections.Generic.IEnumerable<string> RequestObjectEncryptionEncValuesSupported { get; }

Implements RequestObjectEncryptionEncValuesSupported

Property Value

System.Collections.Generic.IEnumerable<System.String>

JwtAlgorithmsProvider.SignedResponseAlgorithmsSupported Property

Lists the signing algorithms supported for ID tokens and UserInfo responses.

public System.Collections.Generic.IEnumerable<string> SignedResponseAlgorithmsSupported { get; }

Implements SignedResponseAlgorithmsSupported

Property Value

System.Collections.Generic.IEnumerable<System.String>

JwtAlgorithmsProvider.SigningAlgorithmsSupported Property

Lists the signing algorithms supported for validating signed requests and authentication.

public System.Collections.Generic.IEnumerable<string> SigningAlgorithmsSupported { get; }

Implements SigningAlgorithmsSupported

Property Value

System.Collections.Generic.IEnumerable<System.String>

JwtAlgorithmsProvider.TokenEndpointAuthSigningAlgValuesSupported Property

RFC 8414 §2 and OpenID Connect Discovery 1.0 §3 both state the value "none" MUST NOT appear in token_endpoint_auth_signing_alg_values_supported — a client authenticates by signing a JWT assertion, so an unsecured assertion would prove nothing. HS* stay because client_secret_jwt legitimately keys on the shared client secret.

public System.Collections.Generic.IEnumerable<string> TokenEndpointAuthSigningAlgValuesSupported { get; }

Implements TokenEndpointAuthSigningAlgValuesSupported

Property Value

System.Collections.Generic.IEnumerable<System.String>