UserInfoRequestValidator Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Endpoints.UserInfo
UserInfoRequestValidator Class
Validates a UserInfo request: extracts the access token (per RFC 6750, either the
Authorization: Bearer header or the access_token form/query parameter, but not both),
verifies its JWT signature and claims, asserts the typ header equals at+jwt, and
resolves the originating authentication session, authorization context and client.
public class UserInfoRequestValidator : Abblix.Oidc.Server.Endpoints.UserInfo.Interfaces.IUserInfoRequestValidator
Inheritance System.Object → UserInfoRequestValidator
Implements IUserInfoRequestValidator
Constructors
UserInfoRequestValidator(IAuthServiceJwtValidator, IAccessTokenService, IClientInfoProvider, IDPoPUserInfoValidator, IMtlsUserInfoValidator) Constructor
Validates a UserInfo request: extracts the access token (per RFC 6750, either the
Authorization: Bearer header or the access_token form/query parameter, but not both),
verifies its JWT signature and claims, asserts the typ header equals at+jwt, and
resolves the originating authentication session, authorization context and client.
public UserInfoRequestValidator(Abblix.Oidc.Server.Features.Tokens.Validation.IAuthServiceJwtValidator jwtValidator, Abblix.Oidc.Server.Features.Tokens.IAccessTokenService accessTokenService, Abblix.Oidc.Server.Features.ClientInformation.IClientInfoProvider clientInfoProvider, Abblix.Oidc.Server.Endpoints.UserInfo.Interfaces.IDPoPUserInfoValidator dpopValidator, Abblix.Oidc.Server.Endpoints.UserInfo.Interfaces.IMtlsUserInfoValidator mtlsValidator);
Parameters
jwtValidator IAuthServiceJwtValidator
Validates access-token JWTs issued by this authorization server.
accessTokenService IAccessTokenService
Resolves an AuthSession and AuthorizationContext from the access token.
clientInfoProvider IClientInfoProvider
Loads the ClientInfo for the token's client.
dpopValidator IDPoPUserInfoValidator
RFC 9449 §7 DPoP resource-server-side validator that enforces the
proof-of-possession binding when the access token carries a cnf.jkt confirmation.
mtlsValidator IMtlsUserInfoValidator
RFC 8705 §3 mutual-TLS resource-server-side validator that enforces
the certificate binding when the access token carries a cnf.x5t#S256 confirmation.
Methods
UserInfoRequestValidator.ValidateAsync(UserInfoRequest, ClientRequest) Method
Asynchronously validates a user information request and determines its validity based on the provided access token and request parameters.
public System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Oidc.Server.Endpoints.UserInfo.Interfaces.ValidUserInfoRequest,Abblix.Oidc.Server.Common.OidcError>> ValidateAsync(Abblix.Oidc.Server.Model.UserInfoRequest userInfoRequest, Abblix.Oidc.Server.Model.ClientRequest clientRequest);
Parameters
userInfoRequest UserInfoRequest
The user info request to validate.
clientRequest ClientRequest
Additional client request information for contextual validation.
Implements ValidateAsync(UserInfoRequest, ClientRequest)
Returns
System.Threading.Tasks.Task<Abblix.Utils.Result<ValidUserInfoRequest,OidcError>>
A System.Threading.Tasks.Task representing the asynchronous operation,
which upon completion will yield a Abblix.Utils.Result<>.