/// <summary>
/// Issues the client JWT.
/// </summary>
/// <param name="tools">The tools.</param>
/// <param name="clientId">The client identifier.</param>
/// <param name="lifetime">The lifetime.</param>
/// <param name="scopes">The scopes.</param>
/// <param name="audiences">The audiences.</param>
/// <returns></returns>
public static async Task <string> IssueClientJwtAsync(this IdentityServerTools tools, string clientId, int lifetime, IEnumerable <string> scopes = null, IEnumerable <string> audiences = null)
{
var claims = new HashSet <Claim>(new ClaimComparer());
claims.Add(new Claim(JwtClaimTypes.ClientId, clientId));
if (!scopes.IsNullOrEmpty())
{
foreach (var scope in scopes)
{
claims.Add(new Claim(JwtClaimTypes.Scope, scope));
}
}
claims.Add(new Claim(JwtClaimTypes.Audience, string.Format(IdentityServerConstants.AccessTokenAudience, tools.ContextAccessor.HttpContext.GetIdentityServerIssuerUri().EnsureTrailingSlash())));
if (!audiences.IsNullOrEmpty())
{
foreach (var audience in audiences)
{
claims.Add(new Claim(JwtClaimTypes.Audience, audience));
}
}
return(await tools.IssueJwtAsync(lifetime, claims));
}
/// <summary>
/// Issues the client JWT.
/// </summary>
/// <param name="tools">The tools.</param>
/// <param name="clientId">The client identifier.</param>
/// <param name="lifetime">The lifetime.</param>
/// <param name="scopes">The scopes.</param>
/// <param name="audiences">The audiences.</param>
/// <param name="additionalClaims">Additional claims</param>
/// <returns></returns>
public static async Task <string> IssueClientJwtAsync(this IdentityServerTools tools,
string clientId,
int lifetime,
IEnumerable <string> scopes = null,
IEnumerable <string> audiences = null,
IEnumerable <Claim> additionalClaims = null)
{
var claims = new HashSet <Claim>(new ClaimComparer());
var context = tools.ContextAccessor.HttpContext;
var options = context.RequestServices.GetRequiredService <IdentityServerOptions>();
if (additionalClaims != null)
{
foreach (var claim in additionalClaims)
{
claims.Add(claim);
}
}
claims.Add(new Claim(JwtClaimTypes.ClientId, clientId));
if (!scopes.IsNullOrEmpty())
{
foreach (var scope in scopes)
{
claims.Add(new Claim(JwtClaimTypes.Scope, scope));
}
}
if (options.EmitStaticAudienceClaim)
{
claims.Add(new Claim(JwtClaimTypes.Audience, string.Format(IdentityServerConstants.AccessTokenAudience, tools.ContextAccessor.HttpContext.GetIdentityServerIssuerUri().EnsureTrailingSlash())));
}
if (!audiences.IsNullOrEmpty())
{
foreach (var audience in audiences)
{
claims.Add(new Claim(JwtClaimTypes.Audience, audience));
}
}
return(await tools.IssueJwtAsync(lifetime, claims));
}
