Skip to main content

IIntrospectionRequestValidator Interface

Abblix.Oidc.Server

Abblix.Oidc.Server.Endpoints.Introspection.Interfaces

IIntrospectionRequestValidator Interface

Authenticates the calling client (RFC 7662 §2.1, "the protected resource calls the introspection endpoint using an HTTP request") and validates the supplied token. Implementations are expected to coerce token problems (expired, signed by a different issuer, audience mismatch, issued to another client) into a non-disclosing active=false result via InvalidToken(IntrospectionRequest, ClientInfo).

public interface IIntrospectionRequestValidator

Derived
IntrospectionRequestValidator

Methods

IIntrospectionRequestValidator.ValidateAsync(IntrospectionRequest, ClientRequest) Method

Authenticates the caller and validates the introspected token.

System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Oidc.Server.Endpoints.Introspection.Interfaces.ValidIntrospectionRequest,Abblix.Oidc.Server.Common.OidcError>> ValidateAsync(Abblix.Oidc.Server.Model.IntrospectionRequest introspectionRequest, Abblix.Oidc.Server.Model.ClientRequest clientRequest);

Parameters

introspectionRequest IntrospectionRequest

Wire-level request carrying the token to introspect.

clientRequest ClientRequest

Carrier of the client's authentication credentials.

Returns

System.Threading.Tasks.Task<Abblix.Utils.Result<ValidIntrospectionRequest,OidcError>>
A ValidIntrospectionRequest on success (with Token set or null); an OidcError only when the caller itself cannot be authenticated.