SecurityProfileValidator Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Endpoints.DynamicClientManagement.Validation
SecurityProfileValidator Class
Fail-loud companion to the request-time profile enforcement: rejects a registration whose declared
response types can never satisfy the security profile the client falls under, so the contradiction
surfaces at registration with a clear invalid_client_metadata diagnostic instead of as a
per-request rejection the client has to reverse-engineer later. Whether a client is held to a
profile is a server-side policy decision: a dynamically registered client cannot declare one, so it
inherits the server-wide DefaultSecurityProfile.
public class SecurityProfileValidator : Abblix.Oidc.Server.Endpoints.DynamicClientManagement.Validation.SyncClientRegistrationContextValidator
Inheritance System.Object → SyncClientRegistrationContextValidator → SecurityProfileValidator
Constructors
SecurityProfileValidator(IOptions<OidcOptions>) Constructor
Fail-loud companion to the request-time profile enforcement: rejects a registration whose declared
response types can never satisfy the security profile the client falls under, so the contradiction
surfaces at registration with a clear invalid_client_metadata diagnostic instead of as a
per-request rejection the client has to reverse-engineer later. Whether a client is held to a
profile is a server-side policy decision: a dynamically registered client cannot declare one, so it
inherits the server-wide DefaultSecurityProfile.
public SecurityProfileValidator(Microsoft.Extensions.Options.IOptions<Abblix.Oidc.Server.Common.Configuration.OidcOptions> options);
Parameters
options Microsoft.Extensions.Options.IOptions<OidcOptions>
Provides the server-wide default profile a registered client inherits.