Skip to main content

AuthorizationCodeReusePreventingDecorator Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Endpoints.Token

AuthorizationCodeReusePreventingDecorator Class

Enhances token processing by revoking tokens associated with previously used authorization codes, preventing authorization code reuse in compliance with OAuth 2.0 security best practices.

public class AuthorizationCodeReusePreventingDecorator : Abblix.Oidc.Server.Endpoints.Token.Interfaces.ITokenRequestProcessor

Inheritance System.Object → AuthorizationCodeReusePreventingDecorator

Implements ITokenRequestProcessor

Remarks

This class decorates the standard token request processing flow with additional security measures to ensure the integrity of the authorization process. It detects when an authorization code, which should only be used once, is attempted to be used multiple times. In such cases, it revokes any tokens previously issued with that code and denies the request, effectively mitigating potential security risks associated with code reuse.

Constructors

AuthorizationCodeReusePreventingDecorator(ITokenRequestProcessor, ITokenRegistry, IAuthorizationCodeService) Constructor

Enhances token processing by revoking tokens associated with previously used authorization codes, preventing authorization code reuse in compliance with OAuth 2.0 security best practices.

public AuthorizationCodeReusePreventingDecorator(Abblix.Oidc.Server.Endpoints.Token.Interfaces.ITokenRequestProcessor processor, Abblix.Oidc.Server.Features.Storages.ITokenRegistry tokenRegistry, Abblix.Oidc.Server.Features.Storages.IAuthorizationCodeService authorizationCodeService);

Parameters

processor ITokenRequestProcessor

The underlying token request processor to be enhanced.

tokenRegistry ITokenRegistry

The registry used for managing token states and revocation.

authorizationCodeService IAuthorizationCodeService

The service responsible for managing the lifecycle of authorization codes.

Remarks

This class decorates the standard token request processing flow with additional security measures to ensure the integrity of the authorization process. It detects when an authorization code, which should only be used once, is attempted to be used multiple times. In such cases, it revokes any tokens previously issued with that code and denies the request, effectively mitigating potential security risks associated with code reuse.

Methods

AuthorizationCodeReusePreventingDecorator.ProcessAsync(ValidTokenRequest) Method

Processes a valid token request, including revoking existing tokens if necessary and registering new tokens.

public System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Oidc.Server.Endpoints.Token.Interfaces.TokenIssued,Abblix.Oidc.Server.Common.OidcError>> ProcessAsync(Abblix.Oidc.Server.Endpoints.Token.Interfaces.ValidTokenRequest request);

Parameters

request ValidTokenRequest

The valid token request to process.

Implements ProcessAsync(ValidTokenRequest)

Returns

System.Threading.Tasks.Task<Abblix.Utils.Result<TokenIssued,OidcError>>
A task that returns a TokenIssued on success or an OidcError on failure.