Skip to main content

ClientSecretPostAuthenticator Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Features.ClientAuthentication

ClientSecretPostAuthenticator Class

Implements an authentication of a client request by extracting client credentials (client_id and client_secret) from the request body. This approach is typically used in OAuth 2.0 client credential flows where the client submits its credentials as part of the request body.

public class ClientSecretPostAuthenticator : Abblix.Oidc.Server.Features.ClientAuthentication.ClientSecretAuthenticator, Abblix.Oidc.Server.Features.ClientAuthentication.IClientAuthenticator

Inheritance System.ObjectClientSecretAuthenticator → ClientSecretPostAuthenticator

Implements IClientAuthenticator

Constructors

ClientSecretPostAuthenticator(ILogger<ClientSecretPostAuthenticator>, IClientInfoProvider, TimeProvider, IHashService) Constructor

Implements an authentication of a client request by extracting client credentials (client_id and client_secret) from the request body. This approach is typically used in OAuth 2.0 client credential flows where the client submits its credentials as part of the request body.

public ClientSecretPostAuthenticator(Microsoft.Extensions.Logging.ILogger<Abblix.Oidc.Server.Features.ClientAuthentication.ClientSecretPostAuthenticator> logger, Abblix.Oidc.Server.Features.ClientInformation.IClientInfoProvider clientInfoProvider, System.TimeProvider clock, Abblix.Oidc.Server.Features.Hashing.IHashService hashService);

Parameters

logger Microsoft.Extensions.Logging.ILogger<ClientSecretPostAuthenticator>
clientInfoProvider IClientInfoProvider
clock System.TimeProvider
hashService IHashService

Properties

ClientSecretPostAuthenticator.ClientAuthenticationMethodsSupported Property

Specifies the client authentication method this authenticator supports, which is 'client_secret_post'. This property indicates that the authenticator is designed to handle client authentication where the client secret is sent in the request body parameters. It is a straightforward method for clients to authenticate with the authorization server by including the client_id and client_secret in the body of the HTTP request.

public System.Collections.Generic.IEnumerable<string> ClientAuthenticationMethodsSupported { get; }

Implements ClientAuthenticationMethodsSupported

Property Value

System.Collections.Generic.IEnumerable<System.String>

Methods

ClientSecretPostAuthenticator.TryAuthenticateClientAsync(ClientRequest) Method

Asynchronously tries to authenticate a client based on credentials (client_id and client_secret) provided in the request body. The method delegates to Abblix.Oidc.Server.Features.ClientAuthentication.ClientSecretAuthenticator.TryAuthenticateAsync(System.String,System.String,System.String) with the extracted client_id and client_secret.

public System.Threading.Tasks.Task<Abblix.Oidc.Server.Features.ClientInformation.ClientInfo?> TryAuthenticateClientAsync(Abblix.Oidc.Server.Model.ClientRequest request);

Parameters

request ClientRequest

The client request containing the client_id and client_secret for authentication.

Implements TryAuthenticateClientAsync(ClientRequest)

Returns

System.Threading.Tasks.Task<ClientInfo>
A System.Threading.Tasks.Task representing the asynchronous operation, which upon completion will yield the authenticated ClientInfo or null if authentication fails.