Skip to main content

DPoPAlgorithms Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Features.DPoP

DPoPAlgorithms Class

Single source of truth for the DPoP signing-algorithm whitelist (RFC 9449 §4.2, §7.1). Both the proof-validator's enforcement (it rejects proofs whose alg header sits outside this set) and the resource-server's WWW-Authenticate: DPoP algs="..." challenge advertisement read from here, so adding a new algorithm (e.g. EdDSA when the JWS layer gains support) propagates everywhere automatically.

public static class DPoPAlgorithms

Inheritance System.Object → DPoPAlgorithms

Fields

DPoPAlgorithms.Allowed Field

JWS algorithms accepted on a DPoP proof. none and HMAC-based algorithms are intentionally absent — RFC 9449 §4.2 forbids them because the embedded jwk header carries an asymmetric public key for verification.

public static readonly IReadOnlySet<string> Allowed;

Field Value

System.Collections.Generic.IReadOnlySet<System.String>