Skip to main content

RefreshTokenService Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Features.Tokens

RefreshTokenService Class

Manages refresh tokens, key components in OAuth 2.0 for extending authentication sessions without requiring user re-authentication. This service handles the creation and validation of refresh tokens, supporting seamless and secure user experiences by allowing access tokens to be renewed based on long-lived refresh tokens.

public class RefreshTokenService : Abblix.Oidc.Server.Features.Tokens.IRefreshTokenService

Inheritance System.Object → RefreshTokenService

Implements IRefreshTokenService

Constructors

RefreshTokenService(IIssuerProvider, TimeProvider, ITokenIdGenerator, IGrantIdGenerator, IAuthServiceJwtFormatter, ITokenRegistry) Constructor

Manages refresh tokens, key components in OAuth 2.0 for extending authentication sessions without requiring user re-authentication. This service handles the creation and validation of refresh tokens, supporting seamless and secure user experiences by allowing access tokens to be renewed based on long-lived refresh tokens.

public RefreshTokenService(Abblix.Oidc.Server.Features.Issuer.IIssuerProvider issuerProvider, System.TimeProvider clock, Abblix.Oidc.Server.Features.RandomGenerators.ITokenIdGenerator tokenIdGenerator, Abblix.Oidc.Server.Features.RandomGenerators.IGrantIdGenerator grantIdGenerator, Abblix.Oidc.Server.Features.Tokens.Formatters.IAuthServiceJwtFormatter jwtFormatter, Abblix.Oidc.Server.Features.Storages.ITokenRegistry tokenRegistry);

Parameters

issuerProvider IIssuerProvider

Provider for the issuer claim in tokens.

clock System.TimeProvider

Time provider for token timestamps.

tokenIdGenerator ITokenIdGenerator

Generator for unique token identifiers.

grantIdGenerator IGrantIdGenerator

Generator for unique refresh-token grant identifiers.

jwtFormatter IAuthServiceJwtFormatter

Formatter for encoding JWTs.

tokenRegistry ITokenRegistry

Registry for tracking token status.

Methods

RefreshTokenService.AuthorizeByRefreshTokenAsync(JsonWebToken) Method

Validates and authorizes a provided refresh token, reconstructing the user's authentication session and authorization context. This method facilitates continued access by validating the refresh token's integrity and expiry, granting a new access token for continued use.

public System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Oidc.Server.Endpoints.Token.Interfaces.AuthorizedGrant,Abblix.Oidc.Server.Common.OidcError>> AuthorizeByRefreshTokenAsync(Abblix.Jwt.JsonWebToken refreshToken);

Parameters

refreshToken JsonWebToken

The refresh token to be validated and authorized.

Implements AuthorizeByRefreshTokenAsync(JsonWebToken)

Returns

System.Threading.Tasks.Task<Abblix.Utils.Result<AuthorizedGrant,OidcError>>
A task that, upon successful validation, results in an AuthorizedGrant encapsulating the reconstituted authentication session and authorization context.

RefreshTokenService.CreateRefreshTokenAsync(AuthSession, AuthorizationContext, ClientInfo, JsonWebToken) Method

Generates a new refresh token based on the user's current authentication session and authorization context, optionally renewing an existing refresh token. This facilitates prolonged access without re-authentication, adhering to specified client policies for token expiration and renewal.

public System.Threading.Tasks.Task<Abblix.Oidc.Server.Features.Tokens.EncodedJsonWebToken?> CreateRefreshTokenAsync(Abblix.Oidc.Server.Features.UserAuthentication.AuthSession authSession, Abblix.Oidc.Server.Common.AuthorizationContext authContext, Abblix.Oidc.Server.Features.ClientInformation.ClientInfo clientInfo, Abblix.Jwt.JsonWebToken? refreshToken);

Parameters

authSession AuthSession

The session details of the authenticated user, providing context for token issuance.

authContext AuthorizationContext

Contextual information from the authorization process, including scopes and client-specific settings.

clientInfo ClientInfo

Details of the client application requesting the token, used to apply appropriate token policies.

refreshToken JsonWebToken

An existing refresh token to be renewed, if applicable. A new token is created if this is null or expired.

Implements CreateRefreshTokenAsync(AuthSession, AuthorizationContext, ClientInfo, JsonWebToken)

Returns

System.Threading.Tasks.Task<EncodedJsonWebToken>
A task that results in a new or renewed EncodedJsonWebToken representing the refresh token, or null if the existing token cannot be renewed due to policy constraints or expiration.