Skip to main content

SecurityProfileValidator Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Endpoints.DynamicClientManagement.Validation

SecurityProfileValidator Class

Fail-loud companion to the request-time profile enforcement: rejects a registration whose declared response types can never satisfy the security profile the client falls under, so the contradiction surfaces at registration with a clear invalid_client_metadata diagnostic instead of as a per-request rejection the client has to reverse-engineer later. Whether a client is held to a profile is a server-side policy decision: a dynamically registered client cannot declare one, so it inherits the server-wide DefaultSecurityProfile.

public class SecurityProfileValidator : Abblix.Oidc.Server.Endpoints.DynamicClientManagement.Validation.SyncClientRegistrationContextValidator

Inheritance System.ObjectSyncClientRegistrationContextValidator → SecurityProfileValidator

Constructors

SecurityProfileValidator(IOptions<OidcOptions>) Constructor

Fail-loud companion to the request-time profile enforcement: rejects a registration whose declared response types can never satisfy the security profile the client falls under, so the contradiction surfaces at registration with a clear invalid_client_metadata diagnostic instead of as a per-request rejection the client has to reverse-engineer later. Whether a client is held to a profile is a server-side policy decision: a dynamically registered client cannot declare one, so it inherits the server-wide DefaultSecurityProfile.

public SecurityProfileValidator(Microsoft.Extensions.Options.IOptions<Abblix.Oidc.Server.Common.Configuration.OidcOptions> options);

Parameters

options Microsoft.Extensions.Options.IOptions<OidcOptions>

Provides the server-wide default profile a registered client inherits.