SecurityProfileConsistency Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Features.ClientInformation
SecurityProfileConsistency Class
Checks whether a client's configuration can actually satisfy the profile it selects, so a contradiction surfaces loudly at registration or startup instead of as a per-request rejection the operator has to reverse-engineer. The runtime validators already tighten a request to the profile; this is the fail-loud companion that catches static configuration that can never produce a conformant flow in the first place.
public static class SecurityProfileConsistency
Inheritance System.Object → SecurityProfileConsistency
Methods
SecurityProfileConsistency.FindViolations(IReadOnlyList<string[]>, ClientSecurityProfile) Method
Returns the human-readable violations that prevent a client with the given registered response types from satisfying the effective profile, or an empty list when the configuration is self-consistent. The check operates on response types because that is the one part of a FAPI client the profile cannot silently fix at request time: a client that never permits the authorization-code response type, or that permits an implicit/hybrid one, is misconfigured rather than merely tightened.
public static System.Collections.Generic.IReadOnlyList<string> FindViolations(System.Collections.Generic.IReadOnlyList<string[]> allowedResponseTypes, Abblix.Oidc.Server.Common.Constants.ClientSecurityProfile profile);
Parameters
allowedResponseTypes System.Collections.Generic.IReadOnlyList<System.String[]>
The response-type combinations the client is registered for.
profile ClientSecurityProfile
The effective profile governing the client.