The IBackchannelAuthenticationUserValidator interface is used to validate request hints and identify the user for whom the CIBA request is intended. To use CIBA, you are expected to implement this interface and register it in the DI system.
ValidateRequestAsync
Validates the backchannel login request with the provided BackchannelAuthenticationUserValidatorContext for the current request. Returns a BackchannelAuthenticationUserValidationResult object.
Models the information to validate and identity the user for a CIBA login request.
Client
The Client making the request.
LoginHintToken
The login hint request parameter from the request.
IdTokenHint
The id token hint request parameter from the request.
IdTokenHintClaims
The claims contained in the validated id token hint from the request.
LoginHint
The login hint request parameter from the request.
UserCode
The user code request parameter from the request.
BindingMessage
The binding request parameter from the request.
Models the result of a CIBA login request.
Subject
The ClaimsPrincipal that represents the user that was successfully identified for the login request. This must contain the user’s “sub” claim.
Error
The error if the user validation failed.
ErrorDescription
The error description if the user validation failed.