Skip to main content

RefreshTokenGrantHandler Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Endpoints.Token.Grants

RefreshTokenGrantHandler Class

IAuthorizationGrantHandler for grant_type=refresh_token (RFC 6749 §6). Verifies the refresh token's signature and lifetime, requires the JWT typ header to be rt+jwt, recovers the original AuthorizedGrant, and rejects the request with invalid_grant when the refreshing client differs from the client that received the token.

public class RefreshTokenGrantHandler : Abblix.Oidc.Server.Endpoints.Token.Grants.IAuthorizationGrantHandler, Abblix.Oidc.Server.Common.Interfaces.IGrantTypeInformer

Inheritance System.Object → RefreshTokenGrantHandler

Implements IAuthorizationGrantHandler, IGrantTypeInformer

Constructors

RefreshTokenGrantHandler(IAuthServiceJwtValidator, IRefreshTokenService) Constructor

IAuthorizationGrantHandler for grant_type=refresh_token (RFC 6749 §6). Verifies the refresh token's signature and lifetime, requires the JWT typ header to be rt+jwt, recovers the original AuthorizedGrant, and rejects the request with invalid_grant when the refreshing client differs from the client that received the token.

public RefreshTokenGrantHandler(Abblix.Oidc.Server.Features.Tokens.Validation.IAuthServiceJwtValidator jwtValidator, Abblix.Oidc.Server.Features.Tokens.IRefreshTokenService refreshTokenService);

Parameters

jwtValidator IAuthServiceJwtValidator

Validates the refresh-token JWT issued by this server.

refreshTokenService IRefreshTokenService

Resolves the refresh-token JWT to an AuthorizedGrant and enforces single-use / rotation semantics.

Properties

RefreshTokenGrantHandler.GrantTypesSupported Property

Indicates that this handler is responsible for processing the 'refresh_token' grant type. The framework uses this information to ensure that this handler is only invoked for the refresh token flow.

public System.Collections.Generic.IEnumerable<string> GrantTypesSupported { get; }

Implements GrantTypesSupported

Property Value

System.Collections.Generic.IEnumerable<System.String>

Methods

RefreshTokenGrantHandler.AuthorizeAsync(TokenRequest, ClientInfo) Method

Processes a token request using the refresh token grant type. This method validates the refresh token, ensures that the token is associated with the correct client, and generates new tokens if the request is valid.

public System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Oidc.Server.Endpoints.Token.Interfaces.AuthorizedGrant,Abblix.Oidc.Server.Common.OidcError>> AuthorizeAsync(Abblix.Oidc.Server.Model.TokenRequest request, Abblix.Oidc.Server.Features.ClientInformation.ClientInfo clientInfo);

Parameters

request TokenRequest

The token request, containing the refresh token and other required parameters.

clientInfo ClientInfo

The client information, used to verify the request is coming from an authorized client.

Implements AuthorizeAsync(TokenRequest, ClientInfo)

Returns

System.Threading.Tasks.Task<Abblix.Utils.Result<AuthorizedGrant,OidcError>>
A task representing the outcome of the authorization process, either returning a successful grant with a new access token or an error if the request is invalid or the refresh token is unauthorized.