IClientKeysProvider Interface
Abblix.Oidc.Server
Abblix.Oidc.Server.Features.ClientInformation
IClientKeysProvider Interface
Provides access to cryptographic keys for OpenID Connect clients, supporting token encryption and signature validation.
public interface IClientKeysProvider
Derived
↳ ClientKeysProvider
Remarks
This interface serves as a bridge between OAuth 2.0/OpenID Connect clients and the cryptographic keys necessary for securing JWT tokens. It enables dynamic retrieval of encryption and signing keys which can be used for token encryption, signature, and validation processes. This approach supports scenarios where keys are rotated or updated without requiring service restarts or manual intervention.
Methods
IClientKeysProvider.GetEncryptionKeys(ClientInfo) Method
Retrieves the set of encryption keys associated with a given client, allowing the service to encrypt JWT tokens or other sensitive information intended for that client.
System.Collections.Generic.IAsyncEnumerable<Abblix.Jwt.JsonWebKey> GetEncryptionKeys(Abblix.Oidc.Server.Features.ClientInformation.ClientInfo clientInfo);
Parameters
clientInfo ClientInfo
The client's information, used to identify the correct set of encryption keys.
Returns
System.Collections.Generic.IAsyncEnumerable<JsonWebKey>
An asynchronous stream (System.Collections.Generic.IAsyncEnumerable<>) of JsonWebKey, providing access to each key.
Remarks
This method is essential for services that issue encrypted tokens or need to securely communicate with clients, ensuring that only the intended recipient can decrypt and access the transmitted information.
IClientKeysProvider.GetSigningKeys(ClientInfo) Method
Retrieves the set of signing keys associated with a given client, enabling the service to validate signatures on JWT tokens or other signed payloads originating from that client.
System.Collections.Generic.IAsyncEnumerable<Abblix.Jwt.JsonWebKey> GetSigningKeys(Abblix.Oidc.Server.Features.ClientInformation.ClientInfo clientInfo);
Parameters
clientInfo ClientInfo
The client's information, used to identify the correct set of signing keys.
Returns
System.Collections.Generic.IAsyncEnumerable<JsonWebKey>
An asynchronous stream (System.Collections.Generic.IAsyncEnumerable<>) of JsonWebKey, providing access to each key.
Remarks
This method supports secure client-server interactions by enabling the service to verify the authenticity of incoming signed data, ensuring it was not tampered with and was indeed issued by the claiming client.