OpenIdConnectProtocolValidator Class

Reference

Definition

Namespace:: Microsoft.IdentityModel.Protocols.OpenIdConnect

Assembly:: Microsoft.IdentityModel.Protocols.OpenIdConnect.dll

Package:: Microsoft.IdentityModel.Protocols.OpenIdConnect v7.5.1

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

OpenIdConnectProtocolValidator is used to ensure that an OpenIdConnectMessage obtained using OpenIdConnect is compliant with http://openid.net/specs/openid-connect-core-1_0.html .

public class OpenIdConnectProtocolValidator

type OpenIdConnectProtocolValidator = class

Public Class OpenIdConnectProtocolValidator

Inheritance: Object
OpenIdConnectProtocolValidator

Constructors

OpenIdConnectProtocolValidator()

Creates a new instance of OpenIdConnectProtocolValidator,

Fields

DefaultNonceLifetime

Default for the how long the nonce is valid.

Properties

CryptoProviderFactory	Gets or sets the CryptoProviderFactory that will be used for crypto operations.
HashAlgorithmMap	Gets the algorithm mapping between OpenIdConnect and .Net for Hash algorithms. a IDictionary<TKey,TValue> that contains mappings from the JWT namespace https://datatracker.ietf.org/doc/html/rfc7518 to .Net.
IdTokenValidator	Gets or sets the delegate for validating 'id_token'
NonceLifetime	Gets or set the TimeSpan defining how long a nonce is valid.
RequireAcr	Gets or sets a value indicating if an 'acr' claim is required.
RequireAmr	Gets or sets a value indicating if an 'amr' claim is required.
RequireAuthTime	Gets or sets a value indicating if an 'auth_time' claim is required.
RequireAzp	Gets or sets a value indicating if an 'azp' claim is required.
RequireNonce	Get or sets if a nonce is required.
RequireState	Gets or sets a value indicating if a 'state' is required.
RequireStateValidation	Gets or sets a value indicating if validation of 'state' is turned on or off.
RequireSub	Gets or sets a value indicating if a 'sub' claim is required.
RequireSubByDefault	Gets or sets a value for default RequreSub.
RequireTimeStampInNonce	Gets or set logic to control if a nonce is prefixed with a timestamp.

Methods

GenerateNonce()	Generates a value suitable to use as a nonce.
GetHashAlgorithm(String)	Returns a HashAlgorithm corresponding to string 'algorithm' after translation using HashAlgorithmMap.
ValidateAtHash(OpenIdConnectProtocolValidationContext)	Validates the 'token' according to http://openid.net/specs/openid-connect-core-1_0.html
ValidateAuthenticationResponse(OpenIdConnectProtocolValidationContext)	Validates that an OpenIdConnect Response from 'authorization_endpoint" is valid as per http://openid.net/specs/openid-connect-core-1_0.html
ValidateCHash(OpenIdConnectProtocolValidationContext)	Validates the 'code' according to http://openid.net/specs/openid-connect-core-1_0.html
ValidateIdToken(OpenIdConnectProtocolValidationContext)	Validates the claims in the 'id_token' as per http://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation
ValidateNonce(OpenIdConnectProtocolValidationContext)	Validates that the JwtSecurityToken contains the nonce.
ValidateState(OpenIdConnectProtocolValidationContext)	Validates that the 'state' in message is valid.
ValidateTokenResponse(OpenIdConnectProtocolValidationContext)	Validates that an OpenIdConnect Response from "token_endpoint" is valid as per http://openid.net/specs/openid-connect-core-1_0.html
ValidateUserInfoResponse(OpenIdConnectProtocolValidationContext)	Validates that an OpenIdConnect Response from "useinfo_endpoint" is valid as per http://openid.net/specs/openid-connect-core-1_0.html

Applies to