IAuthorizationDetailValidator Interface
Abblix.Oidc.Server
Abblix.Oidc.Server.Features.RichAuthorizationRequests
IAuthorizationDetailValidator Interface
Validates a single RFC 9396 authorization_details entry whose type value matches the
implementation. Hosts register one implementation per supported type via
AddAuthorizationDetailValidator<TValidator>(this IServiceCollection, string); the
composite IAuthorizationDetailsPolicy dispatches each request entry to
the implementation keyed by the entry's type value.
public interface IAuthorizationDetailValidator
Remarks
The library ships no concrete implementations of this interface — each authorization-detail
type (e.g. payment_initiation, consent, OpenID4VC presentation schemas) demands
its own per-type schema and is contributed by the host or a separate package. RFC 9396 §5
requires the AS to refuse any entry whose type is unknown; with zero implementations
registered, every RAR-bearing request is rejected with invalid_authorization_details
and the server still boots cleanly.
Properties
IAuthorizationDetailValidator.Type Property
The authorization-detail type value this validator handles. Used as the DI key
under which the implementation is registered and looked up at request time.
string Type { get; }
Property Value
Methods
IAuthorizationDetailValidator.BuildConsentDescriptorAsync(AuthorizationDetail, ClientInfo, CancellationToken) Method
Optional: produces a host-renderable AuthorizationDetailDescriptor describing
what consenting to this entry authorises, so the consent UI can render a meaningful screen
instead of a raw JSON dump. Default returns null; hosts that opt out simply fall back
to displaying Json. Validators that override this should
extract the structured payload from Json and project it to
the descriptor's Title / Summary / Details shape.
System.Threading.Tasks.Task<Abblix.Oidc.Server.Features.RichAuthorizationRequests.AuthorizationDetailDescriptor?> BuildConsentDescriptorAsync(Abblix.Jwt.AuthorizationDetail detail, Abblix.Oidc.Server.Features.ClientInformation.ClientInfo client, System.Threading.CancellationToken cancellationToken);
Parameters
detail AuthorizationDetail
The entry to describe. Already passed ValidateAsync(AuthorizationDetail, ClientInfo, CancellationToken), so the per-type schema is satisfied.
client ClientInfo
The requesting client, for descriptions that vary by client metadata (e.g. branding, locale).
cancellationToken System.Threading.CancellationToken
Cancellation token.
Returns
System.Threading.Tasks.Task<AuthorizationDetailDescriptor>
The descriptor on success; null when no structured description is
available and the host should fall back to a JSON-dump rendering.
IAuthorizationDetailValidator.ValidateAsync(AuthorizationDetail, ClientInfo, CancellationToken) Method
Validates a single authorization-detail entry against this validator's per-type schema and any per-client policy the implementation chooses to enforce.
System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Jwt.AuthorizationDetail,Abblix.Oidc.Server.Common.OidcError>> ValidateAsync(Abblix.Jwt.AuthorizationDetail detail, Abblix.Oidc.Server.Features.ClientInformation.ClientInfo client, System.Threading.CancellationToken token);
Parameters
detail AuthorizationDetail
The entry to validate. Its Type matches this validator's Type; the per-type schema lives in the raw Json object alongside the RFC 9396 §2.2 standardised members where applicable.
client ClientInfo
The client that submitted the request, for policy decisions that depend on per-client allowlists or registered metadata.
token System.Threading.CancellationToken
Cancellation token.
Returns
System.Threading.Tasks.Task<Abblix.Utils.Result<AuthorizationDetail,OidcError>>
The validated (and possibly normalised) detail on success, or a
OidcError describing the rejection reason on
failure. RFC 9396 §5 makes the protocol-level error code at the wire
invalid_authorization_details regardless of the underlying reason.