Skip to main content

ClientJwtValidator Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Features.Tokens.Validation

ClientJwtValidator Class

Validates JWTs issued by clients to the authentication service, supporting scenarios such as private JWT client authentication and the validation of request objects. This class plays a crucial role in ensuring that tokens received from clients are legitimate, properly signed, and authorized for use within the authentication service.

public class ClientJwtValidator : Abblix.Oidc.Server.Features.Tokens.Validation.IClientJwtValidator

Inheritance System.Object → ClientJwtValidator

Implements IClientJwtValidator

Remarks

The class is used for validating tokens like client authentication JWTs and request objects in OpenID Connect flows. It checks the authenticity of the JWT issuer, audience, and cryptographic signatures to ensure that only valid and authorized clients can interact with the authentication service.

Constructors

ClientJwtValidator(ILogger<ClientJwtValidator>, IRequestInfoProvider, IJsonWebTokenValidator, IClientInfoProvider, IClientKeysProvider, IIssuerProvider, IAuthServiceKeysProvider) Constructor

Validates JWTs issued by clients to the authentication service, supporting scenarios such as private JWT client authentication and the validation of request objects. This class plays a crucial role in ensuring that tokens received from clients are legitimate, properly signed, and authorized for use within the authentication service.

public ClientJwtValidator(Microsoft.Extensions.Logging.ILogger<Abblix.Oidc.Server.Features.Tokens.Validation.ClientJwtValidator> logger, Abblix.Oidc.Server.Common.Interfaces.IRequestInfoProvider requestInfoProvider, Abblix.Jwt.IJsonWebTokenValidator tokenValidator, Abblix.Oidc.Server.Features.ClientInformation.IClientInfoProvider clientInfoProvider, Abblix.Oidc.Server.Features.ClientInformation.IClientKeysProvider clientJwksProvider, Abblix.Oidc.Server.Features.Issuer.IIssuerProvider issuerProvider, Abblix.Oidc.Server.Common.Interfaces.IAuthServiceKeysProvider serviceKeysProvider);

Parameters

logger Microsoft.Extensions.Logging.ILogger<ClientJwtValidator>

The logger used for recording validation activities and outcomes.

requestInfoProvider IRequestInfoProvider

Provides information about the current request, including the request URI.

tokenValidator IJsonWebTokenValidator

The service used to perform core JWT validation.

clientInfoProvider IClientInfoProvider

Provides access to client information for validation purposes.

clientJwksProvider IClientKeysProvider

Provides access to the client's JSON Web Keys (JWKs) for verifying signatures.

issuerProvider IIssuerProvider

Provides the authorization server's issuer identifier for audience validation.

serviceKeysProvider IAuthServiceKeysProvider

Provides the server's own private keys used to decrypt request objects that the client encrypted to the server (RFC 9101 §6.1).

Remarks

The class is used for validating tokens like client authentication JWTs and request objects in OpenID Connect flows. It checks the authenticity of the JWT issuer, audience, and cryptographic signatures to ensure that only valid and authorized clients can interact with the authentication service.

Methods

ClientJwtValidator.ValidateAsync(string, ValidationOptions) Method

Validates the JWT issued by a client, ensuring that it meets the expected criteria for issuer, audience, and cryptographic signatures. This method is used in scenarios such as private JWT client authentication and request object validation.

public System.Threading.Tasks.Task<Abblix.Utils.Result<Abblix.Oidc.Server.Features.Tokens.Validation.ValidJsonWebToken,Abblix.Jwt.JwtValidationError>> ValidateAsync(string jwt, Abblix.Jwt.ValidationOptions options=Abblix.Jwt.ValidationOptions.Default);

Parameters

jwt System.String

The JWT to validate.

options ValidationOptions

Options to customize the validation process.

Implements ValidateAsync(string, ValidationOptions)

Returns

System.Threading.Tasks.Task<Abblix.Utils.Result<ValidJsonWebToken,JwtValidationError>>
A task that returns a Result containing either a ValidJsonWebToken on success, or a JwtValidationError on failure.