IRevocationHandler Interface
Abblix.Oidc.Server
Abblix.Oidc.Server.Endpoints.Revocation.Interfaces
IRevocationHandler Interface
Defines a contract for handling revocation requests for access or refresh tokens as per OAuth 2.0 Token Revocation specifications. Ensures implementations can securely validate and process such requests to revoke tokens effectively.
public interface IRevocationHandler
Derived
↳ RevocationHandler
Methods
IRevocationHandler.HandleAsync(RevocationRequest, ClientRequest) Method
Asynchronously handles a token revocation request by validating and then processing it to revoke the specified token.
System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Oidc.Server.Endpoints.Revocation.Interfaces.TokenRevoked,Abblix.Oidc.Server.Common.OidcError>> HandleAsync(Abblix.Oidc.Server.Model.RevocationRequest revocationRequest, Abblix.Oidc.Server.Model.ClientRequest clientRequest);
Parameters
revocationRequest RevocationRequest
The details of the revocation request, including the token to be revoked.
clientRequest ClientRequest
Additional information about the client making the revocation request, necessary for context-specific validation.
Returns
System.Threading.Tasks.Task<Abblix.Utils.Result<TokenRevoked,OidcError>>
A System.Threading.Tasks.Task that resolves to a Abblix.Utils.Result<> containing either
TokenRevoked on success or OidcError on failure.
Remarks
This method is crucial for maintaining the security and integrity of the authorization server by allowing clients to revoke tokens that are no longer needed or may have been compromised. Implementations must ensure that revocation requests are authenticated and authorized before proceeding with token revocation, adhering to the OAuth 2.0 Token Revocation specification (RFC 7009).