Skip to main content

NoneClientAuthenticator Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Features.ClientAuthentication

NoneClientAuthenticator Class

Authenticates clients that are configured as public, without requiring client secrets.

public class NoneClientAuthenticator : Abblix.Oidc.Server.Features.ClientAuthentication.IClientAuthenticator

Inheritance System.Object → NoneClientAuthenticator

Implements IClientAuthenticator

Remarks

This authenticator is designed for public clients where client secrets cannot be securely stored. It ensures that only clients marked as public in the configuration are allowed to proceed without client authentication. This approach is typically used in scenarios where the client application runs in an environment that cannot securely maintain a secret, such as single-page applications or native mobile apps.

Constructors

NoneClientAuthenticator(ILogger<NoneClientAuthenticator>, IClientInfoProvider) Constructor

Authenticates clients that are configured as public, without requiring client secrets.

public NoneClientAuthenticator(Microsoft.Extensions.Logging.ILogger<Abblix.Oidc.Server.Features.ClientAuthentication.NoneClientAuthenticator> logger, Abblix.Oidc.Server.Features.ClientInformation.IClientInfoProvider clientInfoProvider);

Parameters

logger Microsoft.Extensions.Logging.ILogger<NoneClientAuthenticator>

The logger for logging authentication events.

clientInfoProvider IClientInfoProvider

The provider for retrieving client information.

Remarks

This authenticator is designed for public clients where client secrets cannot be securely stored. It ensures that only clients marked as public in the configuration are allowed to proceed without client authentication. This approach is typically used in scenarios where the client application runs in an environment that cannot securely maintain a secret, such as single-page applications or native mobile apps.

Properties

NoneClientAuthenticator.ClientAuthenticationMethodsSupported Property

Indicates the client authentication method supported by this authenticator. For this authenticator, no client authentication is required, aligning with scenarios where client authentication is deemed unnecessary or where anonymous access is permitted.

public System.Collections.Generic.IEnumerable<string> ClientAuthenticationMethodsSupported { get; }

Implements ClientAuthenticationMethodsSupported

Property Value

System.Collections.Generic.IEnumerable<System.String>

Methods

NoneClientAuthenticator.TryAuthenticateClientAsync(ClientRequest) Method

Attempts to authenticate a client based solely on its ID, without requiring a client secret.

public System.Threading.Tasks.Task<Abblix.Oidc.Server.Features.ClientInformation.ClientInfo?> TryAuthenticateClientAsync(Abblix.Oidc.Server.Model.ClientRequest request);

Parameters

request ClientRequest

The client request containing the client's ID.

Implements TryAuthenticateClientAsync(ClientRequest)

Returns

System.Threading.Tasks.Task<ClientInfo>
A task that returns the authenticated ClientInfo if successful, or null if authentication fails.

Remarks

This method is suitable for public clients where a secret is not issued or cannot be securely stored. It verifies the existence of the client and ensures it is marked as a public client in the configuration. Clients not meeting these criteria are not authenticated.