RefreshTokenService Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Features.Tokens
RefreshTokenService Class
Manages refresh tokens, key components in OAuth 2.0 for extending authentication sessions without requiring user re-authentication. This service handles the creation and validation of refresh tokens, supporting seamless and secure user experiences by allowing access tokens to be renewed based on long-lived refresh tokens.
public class RefreshTokenService : Abblix.Oidc.Server.Features.Tokens.IRefreshTokenService
Inheritance System.Object → RefreshTokenService
Implements IRefreshTokenService
Constructors
RefreshTokenService(IIssuerProvider, TimeProvider, ITokenIdGenerator, IGrantIdGenerator, IAuthServiceJwtFormatter, ITokenRegistry) Constructor
Manages refresh tokens, key components in OAuth 2.0 for extending authentication sessions without requiring user re-authentication. This service handles the creation and validation of refresh tokens, supporting seamless and secure user experiences by allowing access tokens to be renewed based on long-lived refresh tokens.
public RefreshTokenService(Abblix.Oidc.Server.Features.Issuer.IIssuerProvider issuerProvider, System.TimeProvider clock, Abblix.Oidc.Server.Features.RandomGenerators.ITokenIdGenerator tokenIdGenerator, Abblix.Oidc.Server.Features.RandomGenerators.IGrantIdGenerator grantIdGenerator, Abblix.Oidc.Server.Features.Tokens.Formatters.IAuthServiceJwtFormatter jwtFormatter, Abblix.Oidc.Server.Features.Storages.ITokenRegistry tokenRegistry);
Parameters
issuerProvider IIssuerProvider
Provider for the issuer claim in tokens.
clock System.TimeProvider
Time provider for token timestamps.
tokenIdGenerator ITokenIdGenerator
Generator for unique token identifiers.
grantIdGenerator IGrantIdGenerator
Generator for unique refresh-token grant identifiers.
jwtFormatter IAuthServiceJwtFormatter
Formatter for encoding JWTs.
tokenRegistry ITokenRegistry
Registry for tracking token status.
Methods
RefreshTokenService.AuthorizeByRefreshTokenAsync(JsonWebToken) Method
Validates and authorizes a provided refresh token, reconstructing the user's authentication session and authorization context. This method facilitates continued access by validating the refresh token's integrity and expiry, granting a new access token for continued use.
public System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Oidc.Server.Endpoints.Token.Interfaces.AuthorizedGrant,Abblix.Oidc.Server.Common.OidcError>> AuthorizeByRefreshTokenAsync(Abblix.Jwt.JsonWebToken refreshToken);
Parameters
refreshToken JsonWebToken
The refresh token to be validated and authorized.
Implements AuthorizeByRefreshTokenAsync(JsonWebToken)
Returns
System.Threading.Tasks.Task<Abblix.Utils.Result<AuthorizedGrant,OidcError>>
A task that, upon successful validation, results in an AuthorizedGrant
encapsulating the reconstituted authentication session and authorization context.
RefreshTokenService.CreateRefreshTokenAsync(AuthSession, AuthorizationContext, ClientInfo, JsonWebToken) Method
Generates a new refresh token based on the user's current authentication session and authorization context, optionally renewing an existing refresh token. This facilitates prolonged access without re-authentication, adhering to specified client policies for token expiration and renewal.
public System.Threading.Tasks.Task<Abblix.Oidc.Server.Features.Tokens.EncodedJsonWebToken?> CreateRefreshTokenAsync(Abblix.Oidc.Server.Features.UserAuthentication.AuthSession authSession, Abblix.Oidc.Server.Common.AuthorizationContext authContext, Abblix.Oidc.Server.Features.ClientInformation.ClientInfo clientInfo, Abblix.Jwt.JsonWebToken? refreshToken);
Parameters
authSession AuthSession
The session details of the authenticated user, providing context for token issuance.
authContext AuthorizationContext
Contextual information from the authorization process, including scopes and client-specific settings.
clientInfo ClientInfo
Details of the client application requesting the token, used to apply appropriate token policies.
refreshToken JsonWebToken
An existing refresh token to be renewed, if applicable. A new token is created if this is null or expired.
Implements CreateRefreshTokenAsync(AuthSession, AuthorizationContext, ClientInfo, JsonWebToken)
Returns
System.Threading.Tasks.Task<EncodedJsonWebToken>
A task that results in a new or renewed EncodedJsonWebToken representing
the refresh token, or null if the existing token cannot be renewed due to policy constraints or expiration.