Skip to main content

AuthorizationCodeService Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Features.Storages

AuthorizationCodeService Class

Provides services for managing the lifecycle of OAuth 2.0 authorization codes. This service generates, stores, validates, and deletes authorization codes as part of the authorization code grant flow.

public class AuthorizationCodeService : Abblix.Oidc.Server.Features.Storages.IAuthorizationCodeService

Inheritance System.Object → AuthorizationCodeService

Implements IAuthorizationCodeService

Constructors

AuthorizationCodeService(IAuthorizationCodeGenerator, IEntityStorage, IEntityStorageKeyFactory) Constructor

Provides services for managing the lifecycle of OAuth 2.0 authorization codes. This service generates, stores, validates, and deletes authorization codes as part of the authorization code grant flow.

public AuthorizationCodeService(Abblix.Oidc.Server.Features.RandomGenerators.IAuthorizationCodeGenerator authorizationCodeGenerator, Abblix.Oidc.Server.Features.Storages.IEntityStorage storage, Abblix.Oidc.Server.Features.Storages.IEntityStorageKeyFactory keyFactory);

Parameters

authorizationCodeGenerator IAuthorizationCodeGenerator

The generator that creates unique authorization codes.

storage IEntityStorage

The storage mechanism for persisting and retrieving authorization codes and their associated data.

keyFactory IEntityStorageKeyFactory

The factory for generating standardized storage keys.

Methods

AuthorizationCodeService.AuthorizeByCodeAsync(string) Method

Validates and processes an authorization code, ensuring it is correct and has not expired or been used previously.

public System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Oidc.Server.Endpoints.Token.Interfaces.AuthorizedGrant,Abblix.Oidc.Server.Common.OidcError>> AuthorizeByCodeAsync(string authorizationCode);

Parameters

authorizationCode System.String

The authorization code to validate and process.

Implements AuthorizeByCodeAsync(string)

Returns

System.Threading.Tasks.Task<Abblix.Utils.Result<AuthorizedGrant,OidcError>>
A task that resolves to a Abblix.Utils.Result<>, which indicates the outcome of the authorization attempt and contains any tokens issued.

AuthorizationCodeService.GenerateAuthorizationCodeAsync(AuthorizedGrant, TimeSpan) Method

Generates a unique authorization code for a given authorization grant result and client information. The client subsequently uses this code to request an access token.

public System.Threading.Tasks.Task<string> GenerateAuthorizationCodeAsync(Abblix.Oidc.Server.Endpoints.Token.Interfaces.AuthorizedGrant authorizedGrant, System.TimeSpan authorizationCodeExpiresIn);

Parameters

authorizedGrant AuthorizedGrant

An object encapsulating the result of the authorization grant, including user authentication session and authorization context details.

authorizationCodeExpiresIn System.TimeSpan

Implements GenerateAuthorizationCodeAsync(AuthorizedGrant, TimeSpan)

Returns

System.Threading.Tasks.Task<System.String>
A task that resolves to the generated authorization code as a string.

AuthorizationCodeService.RemoveAuthorizationCodeAsync(string) Method

Atomically removes an authorization code from storage and returns the grant it held, in a single get-and-remove operation. This is how a code is claimed for redemption: it enforces the single-use guarantee against a race between two simultaneous redemptions of the same code (RFC 6749 §4.1.2) — exactly one caller wins and receives the grant, every other caller finds the code already gone and receives an invalid_grant failure.

public System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Oidc.Server.Endpoints.Token.Interfaces.AuthorizedGrant,Abblix.Oidc.Server.Common.OidcError>> RemoveAuthorizationCodeAsync(string authorizationCode);

Parameters

authorizationCode System.String

The authorization code to remove and claim.

Implements RemoveAuthorizationCodeAsync(string)

Returns

System.Threading.Tasks.Task<Abblix.Utils.Result<AuthorizedGrant,OidcError>>
The grant on success when this caller won the claim; an invalid_grantOidcError when the code is absent — already claimed by a concurrent request, already consumed, expired, or never issued.

Remarks

A successfully claimed grant whose IssuedTokens is non-empty indicates the code was already used to issue tokens (a sequential reuse), which the caller treats as a reuse to be rejected and whose tokens are revoked.

AuthorizationCodeService.UpdateAuthorizationGrantAsync(string, AuthorizedGrant, TimeSpan) Method

Updates the authorization grant result based on a specific authorization code and client information. This method allows the authorization grant to be updated with new information or tokens as needed.

public System.Threading.Tasks.Task UpdateAuthorizationGrantAsync(string authorizationCode, Abblix.Oidc.Server.Endpoints.Token.Interfaces.AuthorizedGrant authorizedGrant, System.TimeSpan authorizationCodeExpiresIn);

Parameters

authorizationCode System.String

The authorization code associated with the grant result to update.

authorizedGrant AuthorizedGrant

The updated authorization grant result containing the latest authentication and authorization details.

authorizationCodeExpiresIn System.TimeSpan

Implements UpdateAuthorizationGrantAsync(string, AuthorizedGrant, TimeSpan)

Returns

System.Threading.Tasks.Task
A task representing the asynchronous operation of updating the authorization grant result.