/// <summary>
/// Builds the id token for <paramref name="client"/>: the payload is always signed, and the
/// signed token is additionally encrypted when the client has an id-token encryption
/// algorithm configured.
/// </summary>
/// <param name="client">Client whose id-token signing and encryption preferences are applied.</param>
/// <param name="jwsPayload">Claims to place in the token.</param>
/// <returns>
/// The signed token when no encryption algorithm is resolved for the client; otherwise the
/// result of encrypting that signed token.
/// </returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="client"/> or <paramref name="jwsPayload"/> is null.
/// </exception>
public async Task<string> GenerateIdTokenAsync(Core.Common.Models.Client client, JwsPayload jwsPayload)
{
    if (client == null)
    {
        throw new ArgumentNullException(nameof(client));
    }

    if (jwsPayload == null)
    {
        throw new ArgumentNullException(nameof(jwsPayload));
    }

    // Resolve the client's preferences up front, substituting the defaults used by this
    // method when a value is missing: RS256 for signing, A128CBC_HS256 for content encryption.
    var signingAlg = client.GetIdTokenSignedResponseAlg() ?? JwsAlg.RS256;
    var keyEncryptionAlg = client.GetIdTokenEncryptedResponseAlg();
    var contentEncryption = client.GetIdTokenEncryptedResponseEnc() ?? JweEnc.A128CBC_HS256;

    var signedToken = await _jwtGenerator.SignAsync(jwsPayload, signingAlg);

    // NOTE(review): a null key-encryption algorithm is treated as "encryption not requested"
    // and the token goes out signed only. If the getter also yields null for an algorithm
    // name it does not recognise (not just an unset one), a client registered with an
    // unsupported or misspelled value would silently receive unencrypted tokens - confirm
    // that client registration rejects such values.
    if (keyEncryptionAlg == null)
    {
        return signedToken;
    }

    return await _jwtGenerator.EncryptAsync(signedToken, keyEncryptionAlg.Value, contentEncryption);
}
/// <summary>
/// A client configured with the RSA1_5 algorithm name resolves to <c>JweAlg.RSA1_5</c>.
/// </summary>
public void When_Passing_Alg_To_GetIdTokenEncryptedResponseAlg_Then_RSA1_5_Is_Returned()
{
    // ARRANGE
    var configuredClient = new Core.Common.Models.Client();
    configuredClient.IdTokenEncryptedResponseAlg = Jwt.Constants.JweAlgNames.RSA1_5;

    // ACT
    var resolvedAlg = configuredClient.GetIdTokenEncryptedResponseAlg();

    // ASSERT
    Assert.True(JweAlg.RSA1_5 == resolvedAlg);
}
/// <summary>
/// An algorithm name the client model does not recognise resolves to null instead of raising.
/// </summary>
/// <remarks>
/// Callers that treat null as "no encryption requested" cannot distinguish an unsupported
/// value from an unset one, so the rejection of bad values has to happen elsewhere.
/// </remarks>
public void When_Passing_Not_Supported_Alg_To_GetIdTokenEncryptedResponseAlg_Then_Null_Is_Returned()
{
    // ARRANGE
    var configuredClient = new Core.Common.Models.Client();
    configuredClient.IdTokenEncryptedResponseAlg = "not_supported";

    // ACT
    var resolvedAlg = configuredClient.GetIdTokenEncryptedResponseAlg();

    // ASSERT
    Assert.Null(resolvedAlg);
}
/// <summary>
/// Recovers the payload of a token issued for <paramref name="client"/>: the token is first
/// decrypted when the client has an id-token encryption algorithm configured, then handed to
/// the parser's <c>UnSignAsync</c> together with the client id.
/// </summary>
/// <param name="client">Client the token belongs to; its id is passed to the parser.</param>
/// <param name="jwsToken">Serialized token (encrypted or signed-only, per the client configuration).</param>
/// <returns>The payload produced by the parser's <c>UnSignAsync</c> call.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="client"/> is null, or <paramref name="jwsToken"/> is null, empty or whitespace.
/// </exception>
public async Task<JwsPayload> GetPayload(Core.Common.Models.Client client, string jwsToken)
{
    if (client == null)
    {
        throw new ArgumentNullException(nameof(client));
    }

    if (string.IsNullOrWhiteSpace(jwsToken))
    {
        throw new ArgumentNullException(nameof(jwsToken));
    }

    // NOTE(review): the client's expected signing algorithm is read here but never used;
    // only the client id reaches UnSignAsync. Whether the parser itself pins the accepted
    // algorithm to the client's registered one is not visible from this method - confirm,
    // since otherwise the token header alone would decide how the signature is checked.
    var expectedSigningAlg = client.GetIdTokenSignedResponseAlg();
    var keyEncryptionAlg = client.GetIdTokenEncryptedResponseAlg();

    // Decryption is attempted only when an encryption algorithm resolves for the client;
    // otherwise the input goes to the signature step as received.
    var signedToken = keyEncryptionAlg == null
        ? jwsToken
        : await _jwtParser.DecryptAsync(jwsToken, client.ClientId);

    return await _jwtParser.UnSignAsync(signedToken, client.ClientId);
}