/*
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
* See https://github.com/openiddict/openiddict-core for more information concerning
* the license and the contributors participating to this project.
*/
using System.Security.Claims;
using Microsoft.IdentityModel.JsonWebTokens;
using Microsoft.IdentityModel.Tokens;
namespace OpenIddict.Server;
public static partial class OpenIddictServerEvents
{
///
/// Represents an event called when generating a token.
///
public sealed class GenerateTokenContext : BaseValidatingContext
{
///
/// Creates a new instance of the class.
///
public GenerateTokenContext(OpenIddictServerTransaction transaction)
: base(transaction)
{
}
///
/// Gets or sets the request, or if it is not available.
///
public OpenIddictRequest? Request
{
get => Transaction.Request;
set => Transaction.Request = value;
}
///
/// Gets or sets the client identifier of the application
/// the resulting token will be issued to, if applicable.
///
public string? ClientId { get; set; }
///
/// Gets or sets a boolean indicating whether a token entry
/// should be created to persist token metadata in a database.
///
public bool CreateTokenEntry { get; set; }
///
/// Gets or sets a boolean indicating whether a reference token should be used
/// and, if applicable, returned to the caller instead of the actual token payload.
///
public bool IsReferenceToken { get; set; }
///
/// Gets or sets a boolean indicating whether the token payload
/// should be persisted alongside the token metadata in the database.
///
public bool PersistTokenPayload { get; set; }
///
/// Gets or sets the security principal used to create the token.
///
public ClaimsPrincipal Principal { get; set; } = default!;
///
/// Gets or sets the encryption credentials used to encrypt the token.
///
public EncryptingCredentials? EncryptionCredentials { get; set; }
///
/// Gets or sets the signing credentials used to sign the token.
///
public SigningCredentials? SigningCredentials { get; set; }
///
/// Gets or sets the security token handler used to serialize the security principal.
///
public JsonWebTokenHandler SecurityTokenHandler { get; set; } = default!;
///
/// Gets or sets the token returned to the client application.
///
public string? Token { get; set; }
///
/// Gets or sets the format of the token (e.g JWT or ASP.NET Core Data Protection) to create.
///
public string TokenFormat { get; set; } = default!;
///
/// Gets or sets the type of the token to create.
///
public string TokenType { get; set; } = default!;
}
///
/// Represents an event called when validating a token.
///
public sealed class ValidateTokenContext : BaseValidatingContext
{
///
/// Creates a new instance of the class.
///
public ValidateTokenContext(OpenIddictServerTransaction transaction)
: base(transaction)
{
}
///
/// Gets or sets the request, or if it is not available.
///
public OpenIddictRequest? Request
{
get => Transaction.Request;
set => Transaction.Request = value;
}
///
/// Gets or sets a boolean indicating whether lifetime validation is disabled.
///
public bool DisableLifetimeValidation { get; set; }
///
/// Gets or sets the security token handler used to validate the token.
///
public JsonWebTokenHandler SecurityTokenHandler { get; set; } = default!;
///
/// Gets or sets the validation parameters used to verify the authenticity of tokens.
///
public TokenValidationParameters TokenValidationParameters { get; set; } = default!;
///
/// Gets or sets the token to validate.
///
public string Token { get; set; } = default!;
///
/// Gets or sets the format of the token (e.g JWT or ASP.NET Core Data Protection) to validate, if applicable.
///
public string? TokenFormat { get; set; }
///
/// Gets or sets the token type hint specified by the client, if applicable.
///
public string? TokenTypeHint { get; set; }
///
/// Gets or sets a boolean indicating whether the validated token is a reference token.
///
public bool IsReferenceToken { get; set; }
///
/// Gets or sets the authorization entry identifier associated with the token, if applicable.
///
public string? AuthorizationId { get; set; }
///
/// Gets or sets the token entry identifier associated with the token, if applicable.
///
public string? TokenId { get; set; }
///
/// Gets or sets the security principal resolved from the token.
///
public ClaimsPrincipal? Principal { get; set; }
///
/// Gets the token types that are considered valid.
///
public HashSet ValidTokenTypes { get; } = new(StringComparer.OrdinalIgnoreCase);
}
}