IBackChannelGrantProcessor Interface
Abblix.Oidc.Server
Abblix.Oidc.Server.Features.BackChannelAuthentication.Interfaces
IBackChannelGrantProcessor Interface
Defines mode-specific processing logic for handling authenticated CIBA requests at the token endpoint. Different delivery modes (poll, ping, push) have different requirements for token retrieval.
public interface IBackChannelGrantProcessor
Derived
↳ PingModeGrantProcessor
↳ PollModeGrantProcessor
↳ PushModeGrantProcessor
Methods
IBackChannelGrantProcessor.ProcessAuthenticatedRequestAsync(string, BackChannelAuthenticationRequest) Method
Validates whether the client is allowed to retrieve tokens via the token endpoint for this delivery mode, and performs any mode-specific post-retrieval actions (e.g., removing from storage).
System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Oidc.Server.Endpoints.Token.Interfaces.AuthorizedGrant,Abblix.Oidc.Server.Common.OidcError>> ProcessAuthenticatedRequestAsync(string authenticationRequestId, Abblix.Oidc.Server.Features.BackChannelAuthentication.BackChannelAuthenticationRequest request);
Parameters
authenticationRequestId System.String
The authentication request identifier.
request BackChannelAuthenticationRequest
The authenticated CIBA request from storage.
Returns
System.Threading.Tasks.Task<Abblix.Utils.Result<AuthorizedGrant,OidcError>>
Either the authorized grant if retrieval is allowed and successful, or an error indicating
why token retrieval is not permitted for this mode.
IBackChannelGrantProcessor.ValidateTokenEndpointAccess() Method
Validates that a token request is allowed for this delivery mode. For example, push mode clients should never poll the token endpoint.
Abblix.Oidc.Server.Common.OidcError? ValidateTokenEndpointAccess();
Returns
OidcError
Null if the request is valid for this mode, or an error if the client
is attempting an operation not allowed by their delivery mode.