SupportedGrantTypeValidator Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Endpoints.DynamicClientManagement.Validation
SupportedGrantTypeValidator Class
Rejects client registration when any value in grant_types is not advertised as
supported by this server, returning invalid_client_metadata per OIDC DCR §3.2.
Without this gate the registration would succeed and the client would only fail later at
the token endpoint with unsupported_grant_type, or at the authorization endpoint
for the implicit grant. Companion to SupportedResponseTypeValidator,
which applies the same rule to response_types.
public class SupportedGrantTypeValidator : Abblix.Oidc.Server.Endpoints.DynamicClientManagement.Validation.SyncClientRegistrationContextValidator
Inheritance System.Object → SyncClientRegistrationContextValidator → SupportedGrantTypeValidator
Constructors
SupportedGrantTypeValidator(IEnumerable<IGrantTypeInformer>) Constructor
Rejects client registration when any value in grant_types is not advertised as
supported by this server, returning invalid_client_metadata per OIDC DCR §3.2.
Without this gate the registration would succeed and the client would only fail later at
the token endpoint with unsupported_grant_type, or at the authorization endpoint
for the implicit grant. Companion to SupportedResponseTypeValidator,
which applies the same rule to response_types.
public SupportedGrantTypeValidator(System.Collections.Generic.IEnumerable<Abblix.Oidc.Server.Common.Interfaces.IGrantTypeInformer> grantTypeInformers);
Parameters
grantTypeInformers System.Collections.Generic.IEnumerable<IGrantTypeInformer>
All registered IGrantTypeInformer
contributors. Their union is the same grant_types_supported set the discovery
endpoint advertises, so registration gating, run-time gating, and discovery share one
source of truth. Notable contributors: the authorization endpoint yields
implicit only when the host has called EnableImplicitFlow(); the composite
token-endpoint grant handler yields every registered token-endpoint grant such as
authorization_code, refresh_token, client_credentials,
jwt-bearer, and password (only when EnablePasswordGrant() has been
called).