RefreshTokenGrantHandler Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Endpoints.Token.Grants
RefreshTokenGrantHandler Class
IAuthorizationGrantHandler for grant_type=refresh_token (RFC 6749 §6).
Verifies the refresh token's signature and lifetime, requires the JWT typ header to be
rt+jwt, recovers the original AuthorizedGrant, and rejects the request with
invalid_grant when the refreshing client differs from the client that received the token.
public class RefreshTokenGrantHandler : Abblix.Oidc.Server.Endpoints.Token.Grants.IAuthorizationGrantHandler, Abblix.Oidc.Server.Common.Interfaces.IGrantTypeInformer
Inheritance System.Object → RefreshTokenGrantHandler
Implements IAuthorizationGrantHandler, IGrantTypeInformer
Constructors
RefreshTokenGrantHandler(IAuthServiceJwtValidator, IRefreshTokenService) Constructor
IAuthorizationGrantHandler for grant_type=refresh_token (RFC 6749 §6).
Verifies the refresh token's signature and lifetime, requires the JWT typ header to be
rt+jwt, recovers the original AuthorizedGrant, and rejects the request with
invalid_grant when the refreshing client differs from the client that received the token.
public RefreshTokenGrantHandler(Abblix.Oidc.Server.Features.Tokens.Validation.IAuthServiceJwtValidator jwtValidator, Abblix.Oidc.Server.Features.Tokens.IRefreshTokenService refreshTokenService);
Parameters
jwtValidator IAuthServiceJwtValidator
Validates the refresh-token JWT issued by this server.
refreshTokenService IRefreshTokenService
Resolves the refresh-token JWT to an AuthorizedGrant and enforces single-use / rotation semantics.
Properties
RefreshTokenGrantHandler.GrantTypesSupported Property
Indicates that this handler is responsible for processing the 'refresh_token' grant type. The framework uses this information to ensure that this handler is only invoked for the refresh token flow.
public System.Collections.Generic.IEnumerable<string> GrantTypesSupported { get; }
Implements GrantTypesSupported
Property Value
System.Collections.Generic.IEnumerable<System.String>
Methods
RefreshTokenGrantHandler.AuthorizeAsync(TokenRequest, ClientInfo) Method
Processes a token request using the refresh token grant type. This method validates the refresh token, ensures that the token is associated with the correct client, and generates new tokens if the request is valid.
public System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Oidc.Server.Endpoints.Token.Interfaces.AuthorizedGrant,Abblix.Oidc.Server.Common.OidcError>> AuthorizeAsync(Abblix.Oidc.Server.Model.TokenRequest request, Abblix.Oidc.Server.Features.ClientInformation.ClientInfo clientInfo);
Parameters
request TokenRequest
The token request, containing the refresh token and other required parameters.
clientInfo ClientInfo
The client information, used to verify the request is coming from an authorized client.
Implements AuthorizeAsync(TokenRequest, ClientInfo)
Returns
System.Threading.Tasks.Task<Abblix.Utils.Result<AuthorizedGrant,OidcError>>
A task representing the outcome of the authorization process, either returning a successful grant with a new
access token or an error if the request is invalid or the refresh token is unauthorized.