Skip to main content

PushModeGrantProcessor Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Features.BackChannelAuthentication.GrantProcessors

PushModeGrantProcessor Class

Handles CIBA push mode token retrieval validation at the token endpoint. In push mode, tokens are delivered directly to the client's notification endpoint. Push mode clients should NEVER poll the token endpoint - this is an error.

public class PushModeGrantProcessor : Abblix.Oidc.Server.Features.BackChannelAuthentication.Interfaces.IBackChannelGrantProcessor

Inheritance System.Object → PushModeGrantProcessor

Implements IBackChannelGrantProcessor

Methods

PushModeGrantProcessor.ProcessAuthenticatedRequestAsync(string, BackChannelAuthenticationRequest) Method

Defensive fallback that returns invalid_grant. In practice this method is unreachable because ValidateTokenEndpointAccess() short-circuits push-mode token-endpoint requests.

public System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Oidc.Server.Endpoints.Token.Interfaces.AuthorizedGrant,Abblix.Oidc.Server.Common.OidcError>> ProcessAuthenticatedRequestAsync(string authenticationRequestId, Abblix.Oidc.Server.Features.BackChannelAuthentication.BackChannelAuthenticationRequest request);

Parameters

authenticationRequestId System.String
request BackChannelAuthenticationRequest

Implements ProcessAuthenticatedRequestAsync(string, BackChannelAuthenticationRequest)

Returns

System.Threading.Tasks.Task<Abblix.Utils.Result<AuthorizedGrant,OidcError>>

PushModeGrantProcessor.ValidateTokenEndpointAccess() Method

Push mode delivers tokens directly to the client's notification endpoint, so any call to the token endpoint with a push-mode auth_req_id is a protocol error and is rejected with invalid_grant.

public Abblix.Oidc.Server.Common.OidcError ValidateTokenEndpointAccess();

Implements ValidateTokenEndpointAccess()

Returns

OidcError