Skip to main content

PushedAuthorizationRequestValidator Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Endpoints.PushedAuthorization

PushedAuthorizationRequestValidator Class

Validates pushed authorization requests by enforcing OAuth 2.0 protocol constraints. This validator ensures that requests do not use prohibited parameters and comply with standard authorization request requirements.

public class PushedAuthorizationRequestValidator : Abblix.Oidc.Server.Endpoints.PushedAuthorization.Interfaces.IPushedAuthorizationRequestValidator

Inheritance System.Object → PushedAuthorizationRequestValidator

Implements IPushedAuthorizationRequestValidator

Constructors

PushedAuthorizationRequestValidator(IAuthorizationRequestValidator, IClientAuthenticator, IProofValidator) Constructor

Validates pushed authorization requests by enforcing OAuth 2.0 protocol constraints. This validator ensures that requests do not use prohibited parameters and comply with standard authorization request requirements.

public PushedAuthorizationRequestValidator(Abblix.Oidc.Server.Endpoints.Authorization.Interfaces.IAuthorizationRequestValidator authorizationRequestValidator, Abblix.Oidc.Server.Features.ClientAuthentication.IClientAuthenticator clientAuthenticator, Abblix.Oidc.Server.Features.DPoP.IProofValidator proofValidator);

Parameters

authorizationRequestValidator IAuthorizationRequestValidator
clientAuthenticator IClientAuthenticator
proofValidator IProofValidator

Methods

PushedAuthorizationRequestValidator.ValidateAsync(AuthorizationRequest, ClientRequest) Method

Validates a pushed authorization request according to OAuth 2.0 and OpenID Connect standards. This method ensures that the request does not contain prohibited parameters like 'request_uri' and verifies that it adheres to the client's registered parameters. It effectively prevents misuse and ensures that the request is legitimately associated with the authenticated client.

public System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Oidc.Server.Endpoints.Authorization.Interfaces.ValidAuthorizationRequest,Abblix.Oidc.Server.Endpoints.Authorization.Interfaces.AuthorizationRequestValidationError>> ValidateAsync(Abblix.Oidc.Server.Model.AuthorizationRequest authorizationRequest, Abblix.Oidc.Server.Model.ClientRequest clientRequest);

Parameters

authorizationRequest AuthorizationRequest

The authorization request to be validated.

clientRequest ClientRequest

Carrier of the client's authentication credentials (basic, JWT assertion, mTLS, etc.) used to authenticate the client per RFC 9126 §2. Also carries an optional DPoP header used to pre-bind the request to a proof-of-possession key (RFC 9449 §10).

Implements ValidateAsync(AuthorizationRequest, ClientRequest)

Returns

System.Threading.Tasks.Task<Abblix.Utils.Result<ValidAuthorizationRequest,AuthorizationRequestValidationError>>
A task that resolves to a validation result, indicating whether the request is valid and adheres to the expected protocol constraints.