Early Preview
This is currently very much a preview. Please feel free to try things out,
but don't be upset if anything is not yet working. Feedback is welcome over on our
GitHub Dicussions page.
interface Duende.IdentityServer.ResponseHandling.IAuthorizeInteractionResponseGenerator
Assembly: Duende.IdentityServer
Determines whether the user must log in, consent, create an account, or be redirected to a custom page before the authorization endpoint can issue a response. This interface is invoked during every authorization request, after the request has been validated but before the authorization code or tokens are issued.
Remarks
The built-in implementation ( <c>AuthorizeInteractionResponseGenerator</c> ) encodes all default
login and consent semantics, including prompt handling, max-age enforcement, and ACR checks.
When customizing this behavior it is strongly recommended to derive from
<c>AuthorizeInteractionResponseGenerator</c> and override the relevant virtual methods rather
than implementing this interface from scratch, so that the default logic is preserved.
Methods
ProcessInteractionAsync(Validation.ValidatedAuthorizeRequest request,
Models.ConsentResponse? consent,
System.Threading.CancellationToken ct)
Evaluates the current authorization request and returns an <see cref="T:Duende.IdentityServer.ResponseHandling.InteractionResponse" />
that describes what interaction, if any, is required before the request can be completed.
Returns An <see cref="T:Duende.IdentityServer.ResponseHandling.InteractionResponse" /> indicating whether the user must log in, consent,
create an account, be shown an error, be redirected to a custom page, or whether no
further interaction is required.
request
The validated authorize request being processed.
consent
The consent response provided by the user, if the user was shown a consent page and has
already responded; otherwise <see langword="null" /> .
ct
The cancellation token.