SigningAlgorithmsValidator Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Endpoints.DynamicClientManagement.Validation
SigningAlgorithmsValidator Class
Validates the algorithms a client commits to using on inbound JWTs the server will verify:
request_object_signing_alg (OIDC Core §6.1),
backchannel_authentication_request_signing_alg (CIBA §7.1.1), and
token_endpoint_auth_signing_alg (RFC 7591 §2 / RFC 8414 §2). Each must appear in the
matching set the server advertises in discovery: request_object_signing_alg may be
none, but token_endpoint_auth_signing_alg excludes none and
backchannel_authentication_request_signing_alg excludes both none and the symmetric
HS* algorithms. The same provider feeds the discovery document, so DCR accepts exactly what the
server advertises.
public class SigningAlgorithmsValidator : Abblix.Oidc.Server.Endpoints.DynamicClientManagement.Validation.SyncClientRegistrationContextValidator
Inheritance System.Object → SyncClientRegistrationContextValidator → SigningAlgorithmsValidator
Constructors
SigningAlgorithmsValidator(IJwtAlgorithmsProvider) Constructor
Validates the algorithms a client commits to using on inbound JWTs the server will verify:
request_object_signing_alg (OIDC Core §6.1),
backchannel_authentication_request_signing_alg (CIBA §7.1.1), and
token_endpoint_auth_signing_alg (RFC 7591 §2 / RFC 8414 §2). Each must appear in the
matching set the server advertises in discovery: request_object_signing_alg may be
none, but token_endpoint_auth_signing_alg excludes none and
backchannel_authentication_request_signing_alg excludes both none and the symmetric
HS* algorithms. The same provider feeds the discovery document, so DCR accepts exactly what the
server advertises.
public SigningAlgorithmsValidator(Abblix.Oidc.Server.Endpoints.Configuration.Interfaces.IJwtAlgorithmsProvider jwtAlgorithms);
Parameters
jwtAlgorithms IJwtAlgorithmsProvider
Source of the per-parameter supported signing algorithm sets.