ClientSecretPostAuthenticator Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Features.ClientAuthentication
ClientSecretPostAuthenticator Class
Implements an authentication of a client request by extracting client credentials (client_id and client_secret) from the request body. This approach is typically used in OAuth 2.0 client credential flows where the client submits its credentials as part of the request body.
public class ClientSecretPostAuthenticator : Abblix.Oidc.Server.Features.ClientAuthentication.ClientSecretAuthenticator, Abblix.Oidc.Server.Features.ClientAuthentication.IClientAuthenticator
Inheritance System.Object → ClientSecretAuthenticator → ClientSecretPostAuthenticator
Implements IClientAuthenticator
Constructors
ClientSecretPostAuthenticator(ILogger<ClientSecretPostAuthenticator>, IClientInfoProvider, TimeProvider, IHashService) Constructor
Implements an authentication of a client request by extracting client credentials (client_id and client_secret) from the request body. This approach is typically used in OAuth 2.0 client credential flows where the client submits its credentials as part of the request body.
public ClientSecretPostAuthenticator(Microsoft.Extensions.Logging.ILogger<Abblix.Oidc.Server.Features.ClientAuthentication.ClientSecretPostAuthenticator> logger, Abblix.Oidc.Server.Features.ClientInformation.IClientInfoProvider clientInfoProvider, System.TimeProvider clock, Abblix.Oidc.Server.Features.Hashing.IHashService hashService);
Parameters
logger Microsoft.Extensions.Logging.ILogger<ClientSecretPostAuthenticator>
clientInfoProvider IClientInfoProvider
clock System.TimeProvider
hashService IHashService
Properties
ClientSecretPostAuthenticator.ClientAuthenticationMethodsSupported Property
Specifies the client authentication method this authenticator supports, which is 'client_secret_post'. This property indicates that the authenticator is designed to handle client authentication where the client secret is sent in the request body parameters. It is a straightforward method for clients to authenticate with the authorization server by including the client_id and client_secret in the body of the HTTP request.
public System.Collections.Generic.IEnumerable<string> ClientAuthenticationMethodsSupported { get; }
Implements ClientAuthenticationMethodsSupported
Property Value
System.Collections.Generic.IEnumerable<System.String>
Methods
ClientSecretPostAuthenticator.TryAuthenticateClientAsync(ClientRequest) Method
Asynchronously tries to authenticate a client based on credentials (client_id and client_secret) provided in the request body. The method delegates to Abblix.Oidc.Server.Features.ClientAuthentication.ClientSecretAuthenticator.TryAuthenticateAsync(System.String,System.String,System.String) with the extracted client_id and client_secret.
public System.Threading.Tasks.Task<Abblix.Oidc.Server.Features.ClientInformation.ClientInfo?> TryAuthenticateClientAsync(Abblix.Oidc.Server.Model.ClientRequest request);
Parameters
request ClientRequest
The client request containing the client_id and client_secret for authentication.
Implements TryAuthenticateClientAsync(ClientRequest)
Returns
System.Threading.Tasks.Task<ClientInfo>
A System.Threading.Tasks.Task representing the asynchronous operation, which upon completion will yield the authenticated
ClientInfo or null if authentication fails.