TokenRequest Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Model
TokenRequest Class
Represents a request to get various types of tokens (e.g., access token, refresh token) from the authorization server. This is part of the OAuth 2.0 and OpenID Connect token exchange flow, where clients can request tokens based on different grant types like 'authorization_code', 'refresh_token' and others.
public record TokenRequest : System.IEquatable<Abblix.Oidc.Server.Model.TokenRequest>
Inheritance System.Object → TokenRequest
Implements System.IEquatable<TokenRequest>
Properties
TokenRequest.ActorToken Property
RFC 8693 §2.1 actor_token -- security token representing the acting party in delegation
flows. Optional. When present, ActorTokenType MUST also be present.
public string? ActorToken { get; set; }
Property Value
TokenRequest.ActorTokenType Property
RFC 8693 §2.1 actor_token_type -- identifier for the format of ActorToken,
one of TokenExchangeTokenTypes. Required when ActorToken is present.
public string? ActorTokenType { get; set; }
Property Value
TokenRequest.Assertion Property
The JWT assertion used in the JWT Bearer grant type per RFC 7523. This contains a signed JWT with claims about the resource owner and is used to request an access token.
public string? Assertion { get; set; }
Property Value
TokenRequest.Audiences Property
RFC 8693 §2.1 audience -- logical name(s) of the relying party for which the requested
token is intended. Distinct from Resources (RFC 8707 absolute URIs); audience is
a free-form identifier.
public string[]? Audiences { get; set; }
Property Value
TokenRequest.AuthenticationRequestId Property
The authentication request ID, used in CIBA (Client-Initiated Backchannel Authentication) flow. This identifier references a backchannel authentication request initiated by the client.
public string? AuthenticationRequestId { get; set; }
Property Value
TokenRequest.Code Property
The authorization code received from the authorization server. This is used in the authorization code grant type to exchange for an access token.
public string? Code { get; set; }
Property Value
TokenRequest.CodeVerifier Property
The code verifier used in the PKCE (Proof Key for Code Exchange) process. Required for public clients using the authorization code grant type to enhance security.
public string? CodeVerifier { get; set; }
Property Value
TokenRequest.DeviceCode Property
The device code used in the Device Authorization Grant (RFC 8628) flow. This code is obtained from the device authorization endpoint and used to poll for tokens.
public string? DeviceCode { get; set; }
Property Value
TokenRequest.GrantType Property
The grant type of the token request, indicating the method being used to get the token. Common values include 'authorization_code', 'refresh_token', 'password', etc.
public string GrantType { get; set; }
Property Value
Remarks
Deliberately not constrained by a declarative value list: grant handlers are an extensible, host-configured set, and the composite grant handler rejects an unregistered grant with the protocol-level unsupported grant type error.
TokenRequest.Password Property
The password of the resource owner, required when using the resource owner password credentials grant type.
public string? Password { get; set; }
Property Value
TokenRequest.RedirectUri Property
The redirect URI where the response will be sent. This must match the redirect URI registered with the authorization server during the initial request.
public System.Uri? RedirectUri { get; set; }
Property Value
TokenRequest.RefreshToken Property
The refresh token used to get a new access token. Required when using the refresh token grant type.
public string? RefreshToken { get; set; }
Property Value
TokenRequest.RequestedTokenType Property
RFC 8693 §2.1 requested_token_type -- identifier of the token type the client would like
the AS to issue, one of TokenExchangeTokenTypes. Optional; defaults to
AccessToken.
public string? RequestedTokenType { get; set; }
Property Value
TokenRequest.Resources Property
The resource URI(s) for which the access token is being requested. This parameter is optional and used in scenarios such as OAuth 2.0 for APIs to specify the resource(s) being accessed.
public System.Uri[]? Resources { get; set; }
Property Value
Remarks
Defined in RFC 8707 as a way to express the resource(s) the client is requesting access to.
TokenRequest.Scope Property
The scope of the access request, expressed as a space-separated list of case-sensitive strings. This defines the permissions or resources the client is requesting access to.
public string[] Scope { get; set; }
Property Value
TokenRequest.SubjectToken Property
RFC 8693 §2.1 subject_token -- the security token being exchanged. Required for
TokenExchange.
public string? SubjectToken { get; set; }
Property Value
TokenRequest.SubjectTokenType Property
RFC 8693 §2.1 subject_token_type -- identifier for the format of SubjectToken,
one of TokenExchangeTokenTypes. Required for TokenExchange.
public string? SubjectTokenType { get; set; }
Property Value
TokenRequest.UserName Property
The username of the resource owner, required when using the resource owner password credentials grant type.
public string? UserName { get; set; }