Ejemplo n.º 1
        /// <summary>
        /// Sets the temporary signing credential.
        /// </summary>
        /// <param name="builder">The builder.</param>
        /// <param name="persistKey">Specifies if the temporary key should be persisted to disk.</param>
        /// <param name="filename">The filename.</param>
        /// <param name="signingAlgorithm">The signing algorithm (defaults to RS256)</param>
        /// <returns></returns>
        public static IIdentityServerBuilder AddDeveloperSigningCredential(
            this IIdentityServerBuilder builder,
            bool persistKey = true,
            string filename = null,
            IdentityServerConstants.RsaSigningAlgorithm signingAlgorithm = IdentityServerConstants.RsaSigningAlgorithm.RS256)
        {
            // With no explicit path the key file is "tempkey.jwk" in the process's
            // current working directory.
            var keyPath = filename ?? Path.Combine(Directory.GetCurrentDirectory(), "tempkey.jwk");

            if (!File.Exists(keyPath))
            {
                // First run: create a new RSA key and stamp the requested algorithm on its JWK form.
                var freshKey = CryptoHelper.CreateRsaSecurityKey();
                var exported = JsonWebKeyConverter.ConvertFromRSASecurityKey(freshKey);
                exported.Alg = signingAlgorithm.ToString();

                if (persistKey)
                {
                    // The JWK is stored as plain JSON; nothing in this method encrypts it or
                    // restricts access to the file. The same file is loaded back as the signing
                    // key on the next start, so it has to be handled as a secret (kept out of
                    // source control and out of directories other users can read).
                    File.WriteAllText(keyPath, JsonConvert.SerializeObject(exported));
                }

                return builder.AddSigningCredential(freshKey, signingAlgorithm);
            }

            // An existing file wins: both the key and the algorithm come from the file, so the
            // signingAlgorithm argument is not consulted on this path.
            // NOTE(review): whoever can write this file chooses the signing key - confirm the
            // location is not writable by less-trusted accounts.
            var storedKey = new JsonWebKey(File.ReadAllText(keyPath));
            return builder.AddSigningCredential(storedKey, storedKey.Alg);
        }
Ejemplo n.º 2
        /// <summary>
        /// Generates the JWK file.
        /// </summary>
        /// <param name="builder"></param>
        /// <returns></returns>
        public static IIdentityServerBuilder AddCustomCredential(
            this IIdentityServerBuilder builder)
        {
            // Relative path: resolved against the process's current working directory.
            const string keyPath = "Credential.jwk";
            var algorithm = IdentityServerConstants.RsaSigningAlgorithm.RS256;

            if (!File.Exists(keyPath))
            {
                // No key on disk yet: generate one, tag its JWK form with RS256 and always persist it.
                var freshKey = CryptoHelper.CreateRsaSecurityKey();
                var exported = JsonWebKeyConverter.ConvertFromRSASecurityKey(freshKey);
                exported.Alg = algorithm.ToString();

                // The key is written as plain JSON with no encryption or access restriction applied
                // here, and it is read back as the signing key on later starts, so the file must be
                // treated as a secret.
                // NOTE(review): the file is written with System.Text.Json but read back through the
                // JsonWebKey(string) constructor - confirm the two agree on member names for the
                // library version in use, otherwise the stored key may not reload.
                File.WriteAllText(keyPath, System.Text.Json.JsonSerializer.Serialize(exported));

                return builder.AddSigningCredential(freshKey, algorithm);
            }

            // Key file already present: the key and its algorithm are both taken from the file.
            // NOTE(review): whoever can replace Credential.jwk chooses the signing key - confirm
            // the working directory is not writable by less-trusted accounts.
            var storedKey = new JsonWebKey(File.ReadAllText(keyPath));
            return builder.AddSigningCredential(storedKey, storedKey.Alg);
        }
Ejemplo n.º 3
        /// <summary>
        /// Adds an RSA-based validation key.
        /// </summary>
        /// <param name="builder">The builder.</param>
        /// <param name="key">The RSA key</param>
        /// <param name="signingAlgorithm">The RSA-based signing algorithm</param>
        /// <returns></returns>
        public static IIdentityServerBuilder AddValidationKey(
            this IIdentityServerBuilder builder,
            RsaSecurityKey key,
            IdentityServerConstants.RsaSigningAlgorithm signingAlgorithm = IdentityServerConstants.RsaSigningAlgorithm.RS256)
        {
            // Pair the key with the algorithm value that CryptoHelper maps the enum member to,
            // then hand the pair to the SecurityKeyInfo-based overload.
            // NOTE(review): key is not null-checked here; presumably the overload or a later
            // consumer rejects null - confirm.
            var info = new SecurityKeyInfo();
            info.Key = key;
            info.SigningAlgorithm = CryptoHelper.GetRsaSigningAlgorithmValue(signingAlgorithm);

            return builder.AddValidationKey(info);
        }
Ejemplo n.º 4
        /// <summary>
        /// Sets the temporary signing credential.
        /// </summary>
        /// <param name="builder">The builder.</param>
        /// <param name="persistKey">Specifies if the temporary key should be persisted to disk.</param>
        /// <param name="filename">The filename.</param>
        /// <param name="signingAlgorithm">The signing algorithm (defaults to RS256)</param>
        /// <returns></returns>
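        public static IIdentityServerBuilder AddDeveloperSigningCredential(
            this IIdentityServerBuilder builder,
            bool persistKey = true,
            string filename = null,
            IdentityServerConstants.RsaSigningAlgorithm signingAlgorithm = IdentityServerConstants.RsaSigningAlgorithm.RS256)
        {
            // With no explicit path the key file is "tempkey.rsa" in the process's
            // current working directory.
            if (filename == null)
            {
                filename = Path.Combine(Directory.GetCurrentDirectory(), "tempkey.rsa");
            }

            if (File.Exists(filename))
            {
                var keyFile = File.ReadAllText(filename);
                var tempKey = JsonConvert.DeserializeObject<CryptoHelper.TemporaryRsaKey>(keyFile, new JsonSerializerSettings
                {
                    ContractResolver = new CryptoHelper.RsaKeyContractResolver()
                });

                // DeserializeObject yields null for an empty file (for example one left behind by an
                // interrupted write), and a file without the private exponent or modulus cannot sign.
                // Fail at startup with a message naming the file instead of a NullReferenceException
                // here or a signing failure on the first token.
                if (tempKey == null || tempKey.Parameters.D == null || tempKey.Parameters.Modulus == null)
                {
                    throw new InvalidDataException(
                        "The developer signing key file '" + filename +
                        "' is empty or does not contain a usable RSA private key. Delete the file to have a new key generated.");
                }

                return builder.AddSigningCredential(CryptoHelper.CreateRsaSecurityKey(tempKey.Parameters, tempKey.KeyId), signingAlgorithm);
            }

            var key = CryptoHelper.CreateRsaSecurityKey();

            // Take the parameters from the RSA object when the key wraps one, otherwise from the
            // key's own Parameters; the export explicitly includes the private parameters.
            RSAParameters parameters = key.Rsa != null
                ? key.Rsa.ExportParameters(includePrivateParameters: true)
                : key.Parameters;

            var newTempKey = new CryptoHelper.TemporaryRsaKey
            {
                Parameters = parameters,
                KeyId      = key.KeyId
            };

            if (persistKey)
            {
                // The private RSA parameters are written as plain JSON; nothing in this method
                // encrypts them or restricts access to the file, so the file must be treated as a
                // secret (kept out of source control and out of directories other users can read).
                File.WriteAllText(filename, JsonConvert.SerializeObject(newTempKey, new JsonSerializerSettings
                {
                    ContractResolver = new CryptoHelper.RsaKeyContractResolver()
                }));
            }

            return builder.AddSigningCredential(key, signingAlgorithm);
        }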
Ejemplo n.º 5
        /// <summary>
        /// Sets an RSA-based signing credential.
        /// </summary>
        /// <param name="builder">The builder.</param>
        /// <param name="key">The RSA key.</param>
        /// <param name="signingAlgorithm">The signing algorithm</param>
        /// <returns></returns>
        public static IIdentityServerBuilder AddSigningCredential(this IIdentityServerBuilder builder, RsaSecurityKey key, IdentityServerConstants.RsaSigningAlgorithm signingAlgorithm)
        {
            // Map the enum member to the algorithm value SigningCredentials expects, wrap the key
            // with it, and delegate to the SigningCredentials-based overload.
            var algorithmValue = CryptoHelper.GetRsaSigningAlgorithmValue(signingAlgorithm);

            return builder.AddSigningCredential(new SigningCredentials(key, algorithmValue));
        }
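        /// <summary>
        /// Sets a temporary RSA signing credential, loading it from a JSON key file when that file
        /// exists and generating (and optionally persisting) a new key otherwise.
        /// </summary>
        /// <param name="builder">The builder.</param>
        /// <param name="persistKey">Specifies if a newly generated key should be written to disk.</param>
        /// <param name="filename">The key file path; defaults to "tempkey.rsa" in the current working directory.</param>
        /// <param name="signingAlgorithm">The signing algorithm (defaults to RS256).</param>
        /// <returns>The result of registering the signing credential on the builder.</returns>
        /// <exception cref="InvalidDataException">The key file exists but lacks the key id or an RSA parameter.</exception>
        public static IIdentityServerBuilder AddAbpDeveloperSigningCredential(
            this IIdentityServerBuilder builder,
            bool persistKey = true,
            string filename = null,
            IdentityServerConstants.RsaSigningAlgorithm signingAlgorithm = IdentityServerConstants.RsaSigningAlgorithm.RS256)
        {
            if (filename == null)
            {
                filename = Path.Combine(Directory.GetCurrentDirectory(), "tempkey.rsa");
            }

            if (File.Exists(filename))
            {
                var keyFile = File.ReadAllText(filename);
                var json    = JObject.Parse(keyFile);

                var keyIdToken     = json.GetValue("KeyId");
                var jsonParameters = json.GetValue("Parameters");

                // A truncated or hand-edited file previously surfaced as a null dereference with no
                // hint of the cause; report the file instead.
                if (keyIdToken == null || jsonParameters == null)
                {
                    throw new InvalidDataException(
                        "The developer signing key file '" + filename +
                        "' does not contain both 'KeyId' and 'Parameters'. Delete the file to have a new key generated.");
                }

                var keyId = keyIdToken.Value<string>();

                // Every component is required: the file is the private signing key, and a key
                // without its private parts would only fail later, when the first token is signed.
                var rsaParameters = new RSAParameters
                {
                    D        = ReadRequiredRsaParameter(jsonParameters, "D", filename),
                    DP       = ReadRequiredRsaParameter(jsonParameters, "DP", filename),
                    DQ       = ReadRequiredRsaParameter(jsonParameters, "DQ", filename),
                    Exponent = ReadRequiredRsaParameter(jsonParameters, "Exponent", filename),
                    InverseQ = ReadRequiredRsaParameter(jsonParameters, "InverseQ", filename),
                    Modulus  = ReadRequiredRsaParameter(jsonParameters, "Modulus", filename),
                    P        = ReadRequiredRsaParameter(jsonParameters, "P", filename),
                    Q        = ReadRequiredRsaParameter(jsonParameters, "Q", filename)
                };

                return builder.AddSigningCredential(CryptoHelper.CreateRsaSecurityKey(rsaParameters, keyId), signingAlgorithm);
            }

            var key = CryptoHelper.CreateRsaSecurityKey();

            // Take the parameters from the RSA object when the key wraps one, otherwise from the
            // key's own Parameters; the export explicitly includes the private parameters.
            RSAParameters parameters = key.Rsa != null
                ? key.Rsa.ExportParameters(includePrivateParameters: true)
                : key.Parameters;

            var jObject = new JObject
            {
                { "KeyId", key.KeyId },
                {
                    "Parameters", new JObject
                    {
                        { "D", Convert.ToBase64String(parameters.D) },
                        { "DP", Convert.ToBase64String(parameters.DP) },
                        { "DQ", Convert.ToBase64String(parameters.DQ) },
                        { "Exponent", Convert.ToBase64String(parameters.Exponent) },
                        { "InverseQ", Convert.ToBase64String(parameters.InverseQ) },
                        { "Modulus", Convert.ToBase64String(parameters.Modulus) },
                        { "P", Convert.ToBase64String(parameters.P) },
                        { "Q", Convert.ToBase64String(parameters.Q) }
                    }
                }
            };

            if (persistKey)
            {
                // The private RSA parameters are written Base64-encoded but otherwise in the clear;
                // nothing in this method encrypts them or restricts access to the file, so the file
                // must be treated as a secret (kept out of source control and shared directories).
                File.WriteAllText(filename, jObject.ToString());
            }

            return builder.AddSigningCredential(key, signingAlgorithm);
        }

        // Reads one Base64-encoded RSA parameter from the key file's "Parameters" object and fails
        // with a message naming the file and the field when it is absent or empty.
        private static byte[] ReadRequiredRsaParameter(JToken parameters, string name, string filename)
        {
            var token   = parameters[name];
            var encoded = token == null ? null : token.Value<string>();

            if (string.IsNullOrEmpty(encoded))
            {
                throw new InvalidDataException(
                    "The developer signing key file '" + filename +
                    "' is missing the RSA parameter '" + name + "'. Delete the file to have a new key generated.");
            }

            return Convert.FromBase64String(encoded);
        }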