Skip to main content

TokenAuthorizationContextEvaluator Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Endpoints.Token

TokenAuthorizationContextEvaluator Class

Default ITokenAuthorizationContextEvaluator: narrows the originally granted scope and resource sets to the intersection with what the token request asks for (RFC 6749 §6 / RFC 8707 §2.2), and, when the client authenticated via mTLS, derives the RFC 8705 §3 cnf.x5t#S256 certificate thumbprint to bind the issued tokens.

public class TokenAuthorizationContextEvaluator : Abblix.Oidc.Server.Endpoints.Token.Interfaces.ITokenAuthorizationContextEvaluator

Inheritance System.Object → TokenAuthorizationContextEvaluator

Implements ITokenAuthorizationContextEvaluator

Methods

TokenAuthorizationContextEvaluator.EvaluateAuthorizationContext(ValidTokenRequest) Method

Evaluates and constructs a new AuthorizationContext by refining and reconciling the scopes and resources from the original authorization request based on the current token request.

public Abblix.Oidc.Server.Common.AuthorizationContext EvaluateAuthorizationContext(Abblix.Oidc.Server.Endpoints.Token.Interfaces.ValidTokenRequest request);

Parameters

request ValidTokenRequest

The valid token request that contains the original authorization grant and any additional token-specific requests.

Implements EvaluateAuthorizationContext(ValidTokenRequest)

Returns

AuthorizationContext
An updated AuthorizationContext that reflects the actual scopes and resources that should be considered during the token issuance process.