NoneClientAuthenticator Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Features.ClientAuthentication
NoneClientAuthenticator Class
Authenticates clients that are configured as public, without requiring client secrets.
public class NoneClientAuthenticator : Abblix.Oidc.Server.Features.ClientAuthentication.IClientAuthenticator
Inheritance System.Object → NoneClientAuthenticator
Implements IClientAuthenticator
Remarks
This authenticator is designed for public clients where client secrets cannot be securely stored. It ensures that only clients marked as public in the configuration are allowed to proceed without client authentication. This approach is typically used in scenarios where the client application runs in an environment that cannot securely maintain a secret, such as single-page applications or native mobile apps.
Constructors
NoneClientAuthenticator(ILogger<NoneClientAuthenticator>, IClientInfoProvider) Constructor
Authenticates clients that are configured as public, without requiring client secrets.
public NoneClientAuthenticator(Microsoft.Extensions.Logging.ILogger<Abblix.Oidc.Server.Features.ClientAuthentication.NoneClientAuthenticator> logger, Abblix.Oidc.Server.Features.ClientInformation.IClientInfoProvider clientInfoProvider);
Parameters
logger Microsoft.Extensions.Logging.ILogger<NoneClientAuthenticator>
The logger for logging authentication events.
clientInfoProvider IClientInfoProvider
The provider for retrieving client information.
Remarks
This authenticator is designed for public clients where client secrets cannot be securely stored. It ensures that only clients marked as public in the configuration are allowed to proceed without client authentication. This approach is typically used in scenarios where the client application runs in an environment that cannot securely maintain a secret, such as single-page applications or native mobile apps.
Properties
NoneClientAuthenticator.ClientAuthenticationMethodsSupported Property
Indicates the client authentication method supported by this authenticator. For this authenticator, no client authentication is required, aligning with scenarios where client authentication is deemed unnecessary or where anonymous access is permitted.
public System.Collections.Generic.IEnumerable<string> ClientAuthenticationMethodsSupported { get; }
Implements ClientAuthenticationMethodsSupported
Property Value
System.Collections.Generic.IEnumerable<System.String>
Methods
NoneClientAuthenticator.TryAuthenticateClientAsync(ClientRequest) Method
Attempts to authenticate a client based solely on its ID, without requiring a client secret.
public System.Threading.Tasks.Task<Abblix.Oidc.Server.Features.ClientInformation.ClientInfo?> TryAuthenticateClientAsync(Abblix.Oidc.Server.Model.ClientRequest request);
Parameters
request ClientRequest
The client request containing the client's ID.
Implements TryAuthenticateClientAsync(ClientRequest)
Returns
System.Threading.Tasks.Task<ClientInfo>
A task that returns the authenticated ClientInfo
if successful, or null if authentication fails.
Remarks
This method is suitable for public clients where a secret is not issued or cannot be securely stored. It verifies the existence of the client and ensures it is marked as a public client in the configuration. Clients not meeting these criteria are not authenticated.