Early Preview
This is currently very much a preview. Please feel free to try things out,
but don't be upset if anything is not yet working. Feedback is welcome over on our
GitHub Dicussions page.
interface Duende.IdentityServer.Validation.ICustomAuthorizeRequestValidator
Assembly: Duende.IdentityServer
Allows inserting custom validation logic into authorization requests at the authorization endpoint.
Remarks
Implement this interface to run custom code as part of the authorization request pipeline.
<see cref="M:Duende.IdentityServer.Validation.ICustomAuthorizeRequestValidator.ValidateAsync(Duende.IdentityServer.Validation.CustomAuthorizeRequestValidationContext,System.Threading.CancellationToken)" /> is called during authorize request processing, after all built-in
validation has succeeded. The context provides access to the validated request and the
response that will be sent to the client.
<para>
Within the method you can inspect request parameters and apply additional business rules
(e.g., restricting which clients or users may use certain scopes or ACR values).
</para> <para>
To fail the request, set <c>IsError</c>, <c>Error</c>, and optionally <c>ErrorDescription</c>
on the <c>Result</c> object of the <see cref="T:Duende.IdentityServer.Validation.CustomAuthorizeRequestValidationContext" />.
</para> <para>
Register implementations using <c>AddCustomAuthorizeRequestValidator<T>()</c> on the
IdentityServer builder. Multiple implementations may be registered and are all invoked.
</para>
Methods
ValidateAsync(CustomAuthorizeRequestValidationContext context,
System.Threading.CancellationToken ct)
Executes custom validation logic for an authorization request.
Returns A <see cref="T:System.Threading.Tasks.Task" /> that completes when validation is finished.
context
The validation context, providing access to the validated authorization request and the
response that will be returned to the client. Use <c>context.Result</c> to signal failure.
ct
The cancellation token.