OAuthAuthorizationServerOptions Class

 

Options class provides information needed to control Authorization Server middleware behavior

Namespace:   Microsoft.Owin.Security.OAuth
Assembly:  Microsoft.Owin.Security.OAuth (in Microsoft.Owin.Security.OAuth.dll)

System::Object
  Microsoft.Owin.Security::AuthenticationOptions
    Microsoft.Owin.Security.OAuth::OAuthAuthorizationServerOptions

public ref class OAuthAuthorizationServerOptions : AuthenticationOptions

NameDescription
System_CAPS_pubmethodOAuthAuthorizationServerOptions()

Creates an instance of authorization server options with default values.

NameDescription
System_CAPS_pubpropertyAccessTokenExpireTimeSpan

The period of time the access token remains valid after being issued. The default is twenty minutes. The client application is expected to refresh or acquire a new access token after the token has expired.

System_CAPS_pubpropertyAccessTokenFormat

The data format used to protect the information contained in the access token. If not provided by the application the default data protection provider depends on the host server. The SystemWeb host on IIS will use ASP.NET machine key data protection, and HttpListener and other self-hosted servers will use DPAPI data protection. If a different access token provider or format is assigned, a compatible instance must be assigned to the OAuthBearerAuthenticationOptions.AccessTokenProvider or OAuthBearerAuthenticationOptions.AccessTokenFormat property of the resource server.

System_CAPS_pubpropertyAccessTokenProvider

Produces a bearer token the client application will typically be providing to resource server as the authorization bearer http request header. If not provided the token produced on the server's default data protection. If a different access token provider or format is assigned, a compatible instance must be assigned to the OAuthBearerAuthenticationOptions.AccessTokenProvider or OAuthBearerAuthenticationOptions.AccessTokenFormat property of the resource server.

System_CAPS_pubpropertyAllowInsecureHttp

True to allow authorize and token requests to arrive on http URI addresses, and to allow incoming redirect_uri authorize request parameter to have http URI addresses.

System_CAPS_pubpropertyApplicationCanDisplayErrors

Set to true if the web application is able to render error messages on the /Authorize endpoint. This is only needed for cases where the browser is not redirected back to the client application, for example, when the client_id or redirect_uri are incorrect. The /Authorize endpoint should expect to see "oauth.Error", "oauth.ErrorDescription", "oauth.ErrorUri" properties added to the owin environment.

System_CAPS_pubpropertyAuthenticationMode

If Active the authentication middleware alter the request user coming in and alter 401 Unauthorized responses going out. If Passive the authentication middleware will only provide identity and alter responses when explicitly indicated by the AuthenticationType.(Inherited from AuthenticationOptions.)

System_CAPS_pubpropertyAuthenticationType

The AuthenticationType in the options corresponds to the IIdentity AuthenticationType property. A different value may be assigned in order to use the same authentication middleware type more than once in a pipeline.(Inherited from AuthenticationOptions.)

System_CAPS_pubpropertyAuthorizationCodeExpireTimeSpan

The period of time the authorization code remains valid after being issued. The default is five minutes. This time span must also take into account clock synchronization between servers in a web farm, so a very brief value could result in unexpectedly expired tokens.

System_CAPS_pubpropertyAuthorizationCodeFormat

The data format used to protect and unprotect the information contained in the authorization code. If not provided by the application the default data protection provider depends on the host server. The SystemWeb host on IIS will use ASP.NET machine key data protection, and HttpListener and other self-hosted servers will use DPAPI data protection.

System_CAPS_pubpropertyAuthorizationCodeProvider

Produces a single-use authorization code to return to the client application. For the OAuth server to be secure the application MUST provide an instance for AuthorizationCodeProvider where the token produced by the OnCreate or OnCreateAsync event is considered valid for only one call to OnReceive or OnReceiveAsync.

System_CAPS_pubpropertyAuthorizeEndpointPath

The request path where client applications will redirect the user-agent in order to obtain user consent to issue a token. Must begin with a leading slash, like "/Authorize".

System_CAPS_pubpropertyDescription

Additional information about the authentication type which is made available to the application.(Inherited from AuthenticationOptions.)

System_CAPS_pubpropertyFormPostEndpoint

Endpoint responsible for Form Post Response Mode See also, http://openid.net/specs/oauth-v2-form-post-response-mode-1_0.html

System_CAPS_pubpropertyProvider

The object provided by the application to process events raised by the Authorization Server middleware. The application may implement the interface fully, or it may create an instance of OAuthAuthorizationServerProvider and assign delegates only to the events it wants to process.

System_CAPS_pubpropertyRefreshTokenFormat

The data format used to protect and unprotect the information contained in the refresh token. If not provided by the application the default data protection provider depends on the host server. The SystemWeb host on IIS will use ASP.NET machine key data protection, and HttpListener and other self-hosted servers will use DPAPI data protection.

System_CAPS_pubpropertyRefreshTokenProvider

Produces a refresh token which may be used to produce a new access token when needed. If not provided the authorization server will not return refresh tokens from the /Token endpoint.

System_CAPS_pubpropertySystemClock

Used to know what the current clock time is when calculating or validating token expiration. When not assigned default is based on DateTimeOffset.UtcNow. This is typically needed only for unit testing.

System_CAPS_pubpropertyTokenEndpointPath

The request path client applications communicate with directly as part of the OAuth protocol. Must begin with a leading slash, like "/Token". If the client is issued a client_secret, it must be provided to this endpoint.

NameDescription
System_CAPS_pubmethodEquals(Object^)

(Inherited from Object.)

System_CAPS_protmethodFinalize()

(Inherited from Object.)

System_CAPS_pubmethodGetHashCode()

(Inherited from Object.)

System_CAPS_pubmethodGetType()

(Inherited from Object.)

System_CAPS_protmethodMemberwiseClone()

(Inherited from Object.)

System_CAPS_pubmethodToString()

(Inherited from Object.)

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Return to top
Show: