DPoPAlgorithms Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Features.DPoP
DPoPAlgorithms Class
Single source of truth for the DPoP signing-algorithm whitelist (RFC 9449 §4.2,
§7.1). Both the proof-validator's enforcement (it rejects proofs whose alg
header sits outside this set) and the resource-server's WWW-Authenticate: DPoP algs="..." challenge advertisement read from here, so adding a new algorithm
(e.g. EdDSA when the JWS layer gains support) propagates everywhere automatically.
public static class DPoPAlgorithms
Inheritance System.Object → DPoPAlgorithms
Fields
DPoPAlgorithms.Allowed Field
JWS algorithms accepted on a DPoP proof. none and HMAC-based algorithms
are intentionally absent — RFC 9449 §4.2 forbids them because the embedded
jwk header carries an asymmetric public key for verification.
public static readonly IReadOnlySet<string> Allowed;