Skip to content

introspection

Directory actions

More options

Directory actions

More options

Latest commit

 

History

History
 
 

introspection

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
.config
.config
 
 
src
src
 
 
test
test
 
 
README.md
README.md
 
 

README.md

Duende.AspNetCore.Authentication.OAuth2Introspection

ASP.NET Core authentication handler for OAuth 2.0 token introspection.

https://tools.ietf.org/html/rfc7662

Configuration

services.AddAuthentication(OAuth2IntrospectionDefaults.AuthenticationScheme)
    .AddOAuth2Introspection(options =>
    {
        options.Authority = "https://base_address_of_token_service";

        options.ClientId = "client_id_for_introspection_endpoint";
        options.ClientSecret = "client_secret_for_introspection_endpoint";
    });

Configuring Backchannel HTTP Client

If configuration, such as using a proxy, is required for the HTTP client calling the Authority then it can be done by registering a named HTTP Client as follows

services.AddHttpClient(OAuth2IntrospectionDefaults.BackChannelHttpClientName)
    .AddHttpMessageHandler(() =>
    {
        //Configure client/handler for the back channel HTTP Client here
        return new HttpClientHandler
            {
                UseProxy = true,
                Proxy = new WebProxy(WebProxyUri, true)
            };
    }