IRegistrationAccessTokenValidator Interface
Abblix.Oidc.Server
Abblix.Oidc.Server.Endpoints.DynamicClientManagement.Interfaces
IRegistrationAccessTokenValidator Interface
Validates the registration access token presented on calls to the client configuration
endpoint per RFC 7592 §3. Verifies the bearer token from the Authorization header
is bound to the requested client_id.
public interface IRegistrationAccessTokenValidator
Derived
↳ RegistrationAccessTokenValidator
Methods
IRegistrationAccessTokenValidator.ValidateAsync(AuthenticationHeaderValue, string, string) Method
Validates the bearer token, ensuring it is well-formed, of the expected type, and authorized to manage the specified client.
System.Threading.Tasks.Task<string?> ValidateAsync(System.Net.Http.Headers.AuthenticationHeaderValue? header, string clientId, string? expectedTokenId);
Parameters
header System.Net.Http.Headers.AuthenticationHeaderValue
The HTTP Authorization header carrying the bearer token.
clientId System.String
The client_id targeted by the management request.
expectedTokenId System.String
The jti the token must carry to be accepted — the value stored on the client when its
current registration access token was issued. When null the binding is not enforced
(statically configured client, or a record predating the stored id) and only signature,
type and audience are checked.
Returns
System.Threading.Tasks.Task<System.String>
null when the token is valid for the client; otherwise a human-readable description
of the validation failure.