ClientCredentialFactory Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Endpoints.DynamicClientManagement
ClientCredentialFactory Class
Coordinates credential generation by composing ID generation, secret generation, hashing, and expiration calculation. Uses SHA-512 for strong cryptographic hashing while maintaining configurable secret length and expiration policies.
public class ClientCredentialFactory : Abblix.Oidc.Server.Endpoints.DynamicClientManagement.Interfaces.IClientCredentialFactory
Inheritance System.Object → ClientCredentialFactory
Implements IClientCredentialFactory
Constructors
ClientCredentialFactory(IClientIdGenerator, IClientSecretGenerator, IHashService, NewClientOptions, TimeProvider) Constructor
Coordinates credential generation by composing ID generation, secret generation, hashing, and expiration calculation. Uses SHA-512 for strong cryptographic hashing while maintaining configurable secret length and expiration policies.
public ClientCredentialFactory(Abblix.Oidc.Server.Features.RandomGenerators.IClientIdGenerator clientIdGenerator, Abblix.Oidc.Server.Features.RandomGenerators.IClientSecretGenerator clientSecretGenerator, Abblix.Oidc.Server.Features.Hashing.IHashService hashService, Abblix.Oidc.Server.Common.Configuration.NewClientOptions options, System.TimeProvider clock);
Parameters
clientIdGenerator IClientIdGenerator
clientSecretGenerator IClientSecretGenerator
hashService IHashService
options NewClientOptions
clock System.TimeProvider
Methods
ClientCredentialFactory.Create(string, string) Method
Generates secrets conditionally based on authentication method to avoid unnecessary secret generation for public clients. Uses time-based expiration to enforce secret rotation policies. SHA-512 provides cryptographic strength while remaining compatible with HMAC-based client_secret_jwt.
public Abblix.Oidc.Server.Endpoints.DynamicClientManagement.Interfaces.ClientCredentials Create(string tokenEndpointAuthMethod, string? clientId=null);
Parameters
tokenEndpointAuthMethod System.String
Determines whether secret generation is required.
clientId System.String
Allows external client ID assignment for pre-registration scenarios.
Implements Create(string, string)
Returns
ClientCredentials
Credentials containing both plain-text (for transmission) and hashed (for storage) secret formats,
along with calculated expiration timestamp.