Del via


OAuthAuthorizationServerOptions Class

 

Options class provides information needed to control Authorization Server middleware behavior

Namespace:   Microsoft.Owin.Security.OAuth
Assembly:  Microsoft.Owin.Security.OAuth (in Microsoft.Owin.Security.OAuth.dll)

Inheritance Hierarchy

System.Object
  Microsoft.Owin.Security.AuthenticationOptions
    Microsoft.Owin.Security.OAuth.OAuthAuthorizationServerOptions

Syntax

public class OAuthAuthorizationServerOptions : AuthenticationOptions
public ref class OAuthAuthorizationServerOptions : AuthenticationOptions
type OAuthAuthorizationServerOptions = 
    class
        inherit AuthenticationOptions
    end
Public Class OAuthAuthorizationServerOptions
    Inherits AuthenticationOptions

Constructors

Name Description
System_CAPS_pubmethod OAuthAuthorizationServerOptions()

Creates an instance of authorization server options with default values.

Properties

Name Description
System_CAPS_pubproperty AccessTokenExpireTimeSpan

The period of time the access token remains valid after being issued. The default is twenty minutes. The client application is expected to refresh or acquire a new access token after the token has expired.

System_CAPS_pubproperty AccessTokenFormat

The data format used to protect the information contained in the access token. If not provided by the application the default data protection provider depends on the host server. The SystemWeb host on IIS will use ASP.NET machine key data protection, and HttpListener and other self-hosted servers will use DPAPI data protection. If a different access token provider or format is assigned, a compatible instance must be assigned to the OAuthBearerAuthenticationOptions.AccessTokenProvider or OAuthBearerAuthenticationOptions.AccessTokenFormat property of the resource server.

System_CAPS_pubproperty AccessTokenProvider

Produces a bearer token the client application will typically be providing to resource server as the authorization bearer http request header. If not provided the token produced on the server's default data protection. If a different access token provider or format is assigned, a compatible instance must be assigned to the OAuthBearerAuthenticationOptions.AccessTokenProvider or OAuthBearerAuthenticationOptions.AccessTokenFormat property of the resource server.

System_CAPS_pubproperty AllowInsecureHttp

True to allow authorize and token requests to arrive on http URI addresses, and to allow incoming redirect_uri authorize request parameter to have http URI addresses.

System_CAPS_pubproperty ApplicationCanDisplayErrors

Set to true if the web application is able to render error messages on the /Authorize endpoint. This is only needed for cases where the browser is not redirected back to the client application, for example, when the client_id or redirect_uri are incorrect. The /Authorize endpoint should expect to see "oauth.Error", "oauth.ErrorDescription", "oauth.ErrorUri" properties added to the owin environment.

System_CAPS_pubproperty AuthenticationMode

If Active the authentication middleware alter the request user coming in and alter 401 Unauthorized responses going out. If Passive the authentication middleware will only provide identity and alter responses when explicitly indicated by the AuthenticationType.(Inherited from AuthenticationOptions.)

System_CAPS_pubproperty AuthenticationType

The AuthenticationType in the options corresponds to the IIdentity AuthenticationType property. A different value may be assigned in order to use the same authentication middleware type more than once in a pipeline.(Inherited from AuthenticationOptions.)

System_CAPS_pubproperty AuthorizationCodeExpireTimeSpan

The period of time the authorization code remains valid after being issued. The default is five minutes. This time span must also take into account clock synchronization between servers in a web farm, so a very brief value could result in unexpectedly expired tokens.

System_CAPS_pubproperty AuthorizationCodeFormat

The data format used to protect and unprotect the information contained in the authorization code. If not provided by the application the default data protection provider depends on the host server. The SystemWeb host on IIS will use ASP.NET machine key data protection, and HttpListener and other self-hosted servers will use DPAPI data protection.

System_CAPS_pubproperty AuthorizationCodeProvider

Produces a single-use authorization code to return to the client application. For the OAuth server to be secure the application MUST provide an instance for AuthorizationCodeProvider where the token produced by the OnCreate or OnCreateAsync event is considered valid for only one call to OnReceive or OnReceiveAsync.

System_CAPS_pubproperty AuthorizeEndpointPath

The request path where client applications will redirect the user-agent in order to obtain user consent to issue a token. Must begin with a leading slash, like "/Authorize".

System_CAPS_pubproperty Description

Additional information about the authentication type which is made available to the application.(Inherited from AuthenticationOptions.)

System_CAPS_pubproperty FormPostEndpoint

Endpoint responsible for Form Post Response Mode See also, http://openid.net/specs/oauth-v2-form-post-response-mode-1_0.html

System_CAPS_pubproperty Provider

The object provided by the application to process events raised by the Authorization Server middleware. The application may implement the interface fully, or it may create an instance of OAuthAuthorizationServerProvider and assign delegates only to the events it wants to process.

System_CAPS_pubproperty RefreshTokenFormat

The data format used to protect and unprotect the information contained in the refresh token. If not provided by the application the default data protection provider depends on the host server. The SystemWeb host on IIS will use ASP.NET machine key data protection, and HttpListener and other self-hosted servers will use DPAPI data protection.

System_CAPS_pubproperty RefreshTokenProvider

Produces a refresh token which may be used to produce a new access token when needed. If not provided the authorization server will not return refresh tokens from the /Token endpoint.

System_CAPS_pubproperty SystemClock

Used to know what the current clock time is when calculating or validating token expiration. When not assigned default is based on DateTimeOffset.UtcNow. This is typically needed only for unit testing.

System_CAPS_pubproperty TokenEndpointPath

The request path client applications communicate with directly as part of the OAuth protocol. Must begin with a leading slash, like "/Token". If the client is issued a client_secret, it must be provided to this endpoint.

Methods

Name Description
System_CAPS_pubmethod Equals(Object)

(Inherited from Object.)

System_CAPS_protmethod Finalize()

(Inherited from Object.)

System_CAPS_pubmethod GetHashCode()

(Inherited from Object.)

System_CAPS_pubmethod GetType()

(Inherited from Object.)

System_CAPS_protmethod MemberwiseClone()

(Inherited from Object.)

System_CAPS_pubmethod ToString()

(Inherited from Object.)

Thread Safety

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

See Also

Microsoft.Owin.Security.OAuth Namespace

Return to top