Skip to main content

Abblix.Oidc.Server.Features.DeviceAuthorization Namespace

Abblix.Oidc.Server

Abblix.Oidc.Server.Features.DeviceAuthorization Namespace

Classes
DeviceAuthorizationRequestRepresents a stored device authorization request as defined in RFC 8628. This record is used to persist the state of a device authorization flow between the initial request and when the user completes authentication.
DeviceAuthorizationStorageImplements storage for device authorization requests as defined in RFC 8628. Stores requests by device_code (for client polling) with a secondary index by user_code (for user verification). Uses atomic distributed cache operations to prevent race conditions in token issuance.
DeviceCodeGeneratorGenerates high-entropy device codes for the Device Authorization Grant (RFC 8628). The device code is used by clients to poll the token endpoint.
InvalidUserCodeIndicates that the user code was not found or has expired.
UserCodeAlreadyUsedIndicates that the user code has already been used (approved or denied).
UserCodeGeneratorGenerates user codes for the Device Authorization Grant (RFC 8628). The alphabet used for code generation is configurable to support numeric, alphabetic, or alphanumeric codes.
UserCodeNormalizerCanonicalizes user-entered user codes for the Device Authorization Grant (RFC 8628) following the input-processing guidance in Section 6.1: punctuation added for readability (dashes, spaces) and any other characters outside the configured alphabet are dropped, and case is folded when the alphabet is single-case so that a user typing the equivalent lowercase (or uppercase) form is not rejected.
UserCodeRateLimiterImplements rate limiting for user code verification attempts to prevent brute force attacks. Uses exponential backoff and per-IP rate limiting as recommended by RFC 8628 Section 5.2.
UserCodeVerificationResultRepresents the result of a user code verification attempt. This is a discriminated union with three concrete implementations.
UserCodeVerificationServiceImplements the user code verification service for the Device Authorization Grant flow (RFC 8628). This service handles the verification, approval, and denial of device authorization requests with built-in brute force protection.
ValidUserCodeIndicates that the user code was successfully verified and the request is pending authorization.
Enums
DeviceAuthorizationStatusRepresents the various states of a device authorization request as defined in RFC 8628. This enumeration defines the possible statuses that a device authorization request can have, facilitating the management of the device authorization flow.