AuthorizationCodeGrantHandler Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Endpoints.Token.Grants
AuthorizationCodeGrantHandler Class
IAuthorizationGrantHandler for grant_type=authorization_code (RFC 6749 §4.1.3).
Resolves the code to its stored AuthorizedGrant, asserts that the redeeming client is
the same one the code was issued to, and, when a code_challenge was bound at the authorization
request, runs the RFC 7636 §4.6 verification by transforming the submitted code_verifier with
the recorded plain / S256 / S512 method.
public class AuthorizationCodeGrantHandler : Abblix.Oidc.Server.Endpoints.Token.Grants.IAuthorizationGrantHandler, Abblix.Oidc.Server.Common.Interfaces.IGrantTypeInformer
Inheritance System.Object → AuthorizationCodeGrantHandler
Implements IAuthorizationGrantHandler, IGrantTypeInformer
Constructors
AuthorizationCodeGrantHandler(IAuthorizationCodeService) Constructor
IAuthorizationGrantHandler for grant_type=authorization_code (RFC 6749 §4.1.3).
Resolves the code to its stored AuthorizedGrant, asserts that the redeeming client is
the same one the code was issued to, and, when a code_challenge was bound at the authorization
request, runs the RFC 7636 §4.6 verification by transforming the submitted code_verifier with
the recorded plain / S256 / S512 method.
public AuthorizationCodeGrantHandler(Abblix.Oidc.Server.Features.Storages.IAuthorizationCodeService authorizationCodeService);
Parameters
authorizationCodeService IAuthorizationCodeService
Persists, looks up and removes authorization codes.
Properties
AuthorizationCodeGrantHandler.GrantTypesSupported Property
Provides the grant type this handler supports, which is the OAuth 2.0 'authorization_code' grant type. This information is useful for identifying the handler's capabilities in a broader authorization framework.
public System.Collections.Generic.IEnumerable<string> GrantTypesSupported { get; }
Implements GrantTypesSupported
Property Value
System.Collections.Generic.IEnumerable<System.String>
Methods
AuthorizationCodeGrantHandler.AuthorizeAsync(TokenRequest, ClientInfo) Method
Authorizes a token request asynchronously using the authorization code grant type. This method validates the authorization code submitted by the client, ensures the client making the request is the same as the one to whom the code was originally issued, and performs any necessary PKCE checks. It ensures that all security requirements, including client verification and PKCE validation, are enforced before tokens are issued.
public System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Oidc.Server.Endpoints.Token.Interfaces.AuthorizedGrant,Abblix.Oidc.Server.Common.OidcError>> AuthorizeAsync(Abblix.Oidc.Server.Model.TokenRequest request, Abblix.Oidc.Server.Features.ClientInformation.ClientInfo clientInfo);
Parameters
request TokenRequest
The token request containing the authorization code and other necessary parameters.
clientInfo ClientInfo
Information about the client, used to verify that the request is valid for this client.
Implements AuthorizeAsync(TokenRequest, ClientInfo)
Returns
System.Threading.Tasks.Task<Abblix.Utils.Result<AuthorizedGrant,OidcError>>
A task that represents the asynchronous authorization operation.
The result is either an authorized grant or an error indicating why the request failed.