TokenRequestProcessor Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Endpoints.Token
TokenRequestProcessor Class
Default ITokenRequestProcessor: always issues an access token (RFC 6749 §5.1),
adds a refresh token when offline_access is in the granted scope (OIDC Core 1.0 §11),
and adds an ID token when openid is in scope (OIDC Core 1.0 §3.1.3.3, with at_hash
computed from the issued access token).
public class TokenRequestProcessor : Abblix.Oidc.Server.Endpoints.Token.Interfaces.ITokenRequestProcessor
Inheritance System.Object → TokenRequestProcessor
Implements ITokenRequestProcessor
Constructors
TokenRequestProcessor(IAccessTokenService, IRefreshTokenService, IIdentityTokenService, ITokenAuthorizationContextEvaluator) Constructor
Default ITokenRequestProcessor: always issues an access token (RFC 6749 §5.1),
adds a refresh token when offline_access is in the granted scope (OIDC Core 1.0 §11),
and adds an ID token when openid is in scope (OIDC Core 1.0 §3.1.3.3, with at_hash
computed from the issued access token).
public TokenRequestProcessor(Abblix.Oidc.Server.Features.Tokens.IAccessTokenService accessTokenService, Abblix.Oidc.Server.Features.Tokens.IRefreshTokenService refreshTokenService, Abblix.Oidc.Server.Features.Tokens.IIdentityTokenService identityTokenService, Abblix.Oidc.Server.Endpoints.Token.Interfaces.ITokenAuthorizationContextEvaluator tokenContextEvaluator);
Parameters
accessTokenService IAccessTokenService
Issues access-token JWTs.
refreshTokenService IRefreshTokenService
Issues refresh-token JWTs, rolling the previous one for refresh-token grants.
identityTokenService IIdentityTokenService
Issues ID tokens.
tokenContextEvaluator ITokenAuthorizationContextEvaluator
Narrows scopes/resources and computes mTLS confirmation binding.
Methods
TokenRequestProcessor.ProcessAsync(ValidTokenRequest) Method
Asynchronously processes a valid token request, determining the necessary tokens to generate based on the request's scope and grant type. It generates an access token for every request and, depending on the scope, may also generate a refresh token and an ID token for OpenID Connect authentication.
public System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Oidc.Server.Endpoints.Token.Interfaces.TokenIssued,Abblix.Oidc.Server.Common.OidcError>> ProcessAsync(Abblix.Oidc.Server.Endpoints.Token.Interfaces.ValidTokenRequest request);
Parameters
request ValidTokenRequest
The validated token request containing client and authorization session information.
Implements ProcessAsync(ValidTokenRequest)
Returns
System.Threading.Tasks.Task<Abblix.Utils.Result<TokenIssued,OidcError>>
A task representing the asynchronous operation, yielding a TokenIssued containing
the generated tokens, or an OidcError if processing fails.
Remarks
Access tokens authorize clients for resource access; refresh tokens enable long-lived sessions by allowing new access tokens to be obtained without re-authentication; ID tokens provide identity information about the user, crucial for OpenID Connect authentication flows. This method ensures secure and compliant token generation.