Skip to main content

InitialAccessTokenRevocationProvider Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Endpoints.DynamicClientManagement

InitialAccessTokenRevocationProvider Class

Default implementation that checks revocation against RevokedInitialAccessTokenSubjects. For production use with large or dynamic revocation lists, replace with a database- or cache-backed implementation.

public class InitialAccessTokenRevocationProvider : Abblix.Oidc.Server.Endpoints.DynamicClientManagement.Interfaces.IInitialAccessTokenRevocationProvider

Inheritance System.Object → InitialAccessTokenRevocationProvider

Implements IInitialAccessTokenRevocationProvider

Constructors

InitialAccessTokenRevocationProvider(IOptionsMonitor<OidcOptions>) Constructor

Default implementation that checks revocation against RevokedInitialAccessTokenSubjects. For production use with large or dynamic revocation lists, replace with a database- or cache-backed implementation.

public InitialAccessTokenRevocationProvider(Microsoft.Extensions.Options.IOptionsMonitor<Abblix.Oidc.Server.Common.Configuration.OidcOptions> options);

Parameters

options Microsoft.Extensions.Options.IOptionsMonitor<OidcOptions>

OIDC configuration containing the set of revoked token identifiers.

Methods

InitialAccessTokenRevocationProvider.IsRevokedAsync(string) Method

Determines whether the initial access token with the specified identifier has been revoked.

public System.Threading.Tasks.Task<bool> IsRevokedAsync(string subject);

Parameters

subject System.String

The unique identifier of the token (from the JWT subject claim).

Implements IsRevokedAsync(string)

Returns

System.Threading.Tasks.Task<System.Boolean>
A task that results in true if the token has been revoked, false otherwise.