Skip to main content

AuthorizationCodeGrantHandler Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Endpoints.Token.Grants

AuthorizationCodeGrantHandler Class

IAuthorizationGrantHandler for grant_type=authorization_code (RFC 6749 §4.1.3). Resolves the code to its stored AuthorizedGrant, asserts that the redeeming client is the same one the code was issued to, and, when a code_challenge was bound at the authorization request, runs the RFC 7636 §4.6 verification by transforming the submitted code_verifier with the recorded plain / S256 / S512 method.

public class AuthorizationCodeGrantHandler : Abblix.Oidc.Server.Endpoints.Token.Grants.IAuthorizationGrantHandler, Abblix.Oidc.Server.Common.Interfaces.IGrantTypeInformer

Inheritance System.Object → AuthorizationCodeGrantHandler

Implements IAuthorizationGrantHandler, IGrantTypeInformer

Constructors

AuthorizationCodeGrantHandler(IAuthorizationCodeService) Constructor

IAuthorizationGrantHandler for grant_type=authorization_code (RFC 6749 §4.1.3). Resolves the code to its stored AuthorizedGrant, asserts that the redeeming client is the same one the code was issued to, and, when a code_challenge was bound at the authorization request, runs the RFC 7636 §4.6 verification by transforming the submitted code_verifier with the recorded plain / S256 / S512 method.

public AuthorizationCodeGrantHandler(Abblix.Oidc.Server.Features.Storages.IAuthorizationCodeService authorizationCodeService);

Parameters

authorizationCodeService IAuthorizationCodeService

Persists, looks up and removes authorization codes.

Properties

AuthorizationCodeGrantHandler.GrantTypesSupported Property

Provides the grant type this handler supports, which is the OAuth 2.0 'authorization_code' grant type. This information is useful for identifying the handler's capabilities in a broader authorization framework.

public System.Collections.Generic.IEnumerable<string> GrantTypesSupported { get; }

Implements GrantTypesSupported

Property Value

System.Collections.Generic.IEnumerable<System.String>

Methods

AuthorizationCodeGrantHandler.AuthorizeAsync(TokenRequest, ClientInfo) Method

Authorizes a token request asynchronously using the authorization code grant type. This method validates the authorization code submitted by the client, ensures the client making the request is the same as the one to whom the code was originally issued, and performs any necessary PKCE checks. It ensures that all security requirements, including client verification and PKCE validation, are enforced before tokens are issued.

public System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Oidc.Server.Endpoints.Token.Interfaces.AuthorizedGrant,Abblix.Oidc.Server.Common.OidcError>> AuthorizeAsync(Abblix.Oidc.Server.Model.TokenRequest request, Abblix.Oidc.Server.Features.ClientInformation.ClientInfo clientInfo);

Parameters

request TokenRequest

The token request containing the authorization code and other necessary parameters.

clientInfo ClientInfo

Information about the client, used to verify that the request is valid for this client.

Implements AuthorizeAsync(TokenRequest, ClientInfo)

Returns

System.Threading.Tasks.Task<Abblix.Utils.Result<AuthorizedGrant,OidcError>>
A task that represents the asynchronous authorization operation. The result is either an authorized grant or an error indicating why the request failed.