AuthorizationCodeReusePreventingDecorator Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Endpoints.Token
AuthorizationCodeReusePreventingDecorator Class
Enhances token processing by revoking tokens associated with previously used authorization codes, preventing authorization code reuse in compliance with OAuth 2.0 security best practices.
public class AuthorizationCodeReusePreventingDecorator : Abblix.Oidc.Server.Endpoints.Token.Interfaces.ITokenRequestProcessor
Inheritance System.Object → AuthorizationCodeReusePreventingDecorator
Implements ITokenRequestProcessor
Remarks
This class decorates the standard token request processing flow with additional security measures to ensure the integrity of the authorization process. It detects when an authorization code, which should only be used once, is attempted to be used multiple times. In such cases, it revokes any tokens previously issued with that code and denies the request, effectively mitigating potential security risks associated with code reuse.
Constructors
AuthorizationCodeReusePreventingDecorator(ITokenRequestProcessor, ITokenRegistry, IAuthorizationCodeService) Constructor
Enhances token processing by revoking tokens associated with previously used authorization codes, preventing authorization code reuse in compliance with OAuth 2.0 security best practices.
public AuthorizationCodeReusePreventingDecorator(Abblix.Oidc.Server.Endpoints.Token.Interfaces.ITokenRequestProcessor processor, Abblix.Oidc.Server.Features.Storages.ITokenRegistry tokenRegistry, Abblix.Oidc.Server.Features.Storages.IAuthorizationCodeService authorizationCodeService);
Parameters
processor ITokenRequestProcessor
The underlying token request processor to be enhanced.
tokenRegistry ITokenRegistry
The registry used for managing token states and revocation.
authorizationCodeService IAuthorizationCodeService
The service responsible for managing the lifecycle of authorization codes.
Remarks
This class decorates the standard token request processing flow with additional security measures to ensure the integrity of the authorization process. It detects when an authorization code, which should only be used once, is attempted to be used multiple times. In such cases, it revokes any tokens previously issued with that code and denies the request, effectively mitigating potential security risks associated with code reuse.
Methods
AuthorizationCodeReusePreventingDecorator.ProcessAsync(ValidTokenRequest) Method
Processes a valid token request, including revoking existing tokens if necessary and registering new tokens.
public System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Oidc.Server.Endpoints.Token.Interfaces.TokenIssued,Abblix.Oidc.Server.Common.OidcError>> ProcessAsync(Abblix.Oidc.Server.Endpoints.Token.Interfaces.ValidTokenRequest request);
Parameters
request ValidTokenRequest
The valid token request to process.
Implements ProcessAsync(ValidTokenRequest)
Returns
System.Threading.Tasks.Task<Abblix.Utils.Result<TokenIssued,OidcError>>
A task that returns a TokenIssued on success or an OidcError on failure.