Ejemplo n.º 1
        // TODO: cache this whole thing for 5 minutes
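        /// <summary>
        /// Builds the JWK set for every certificate location listed in <c>_certs</c> and
        /// caches the result under the "jwks" cache key with a five-minute absolute expiration.
        /// </summary>
        /// <remarks>
        /// Each certificate is loaded from <c>_certData</c> with the matching entry from
        /// <c>_certPassword</c>. Only public material is handed to <c>Jwk.CreateFromKey</c>:
        /// the RSA public parameters and the base64-encoded certificates of the built chain.
        /// The certificate and chain objects are disposed once the key has been created.
        /// </remarks>
        /// <returns>A <c>JwkContainer</c> holding one key per configured certificate.</returns>
        public JwkContainer GetJwks()
        {
            return _memoryCache.GetOrCreate("jwks", entry =>
            {
                entry.SetAbsoluteExpiration(TimeSpan.FromMinutes(5));

                return new JwkContainer
                {
                    Keys = _certs.Select(certLocation =>
                    {
                        // A location with no entry in _certData falls back to an empty array,
                        // so a misconfiguration surfaces in the certificate constructor.
                        var rawData = _certData.GetValueOrDefault(certLocation) ?? Array.Empty<byte>();
                        var password = _certPassword.GetValueOrDefault(certLocation);

                        // X509Certificate2 and X509Chain wrap native handles. The certificate is
                        // opened with a password, so it may carry a private key; release both
                        // deterministically instead of waiting for finalization.
                        using (var cert = new X509Certificate2(rawData, password))
                        using (var chain = new X509Chain())
                        {
                            // The boolean result is not inspected: the chain elements are published
                            // whether or not the chain validates.
                            // NOTE(review): the default chain policy may perform online revocation
                            // lookups while the cache entry is being built - confirm, and consider
                            // setting chain.ChainPolicy.RevocationMode explicitly.
                            chain.Build(cert);

                            var encodedChain = new List<string>();

                            foreach (var element in chain.ChainElements)
                            {
                                encodedChain.Add(Convert.ToBase64String(element.Certificate.GetRawCertData()));
                            }

                            // GetRSAPublicKey returns null for a certificate without an RSA key; the
                            // calls below are then handed null.
                            // NOTE(review): not disposed here because the key object passed to
                            // Jwk.CreateFromKey wraps it and may keep it - confirm ownership.
                            var rsa = cert.GetRSAPublicKey();

                            var key = new RsaSecurityKey(rsa)
                            {
                                KeyId = cert.Thumbprint
                            };

                            // ExportParameters(false) exports the public parameters only, so no
                            // private key material is passed on to the JWK.
                            return Jwk.CreateFromKey(key, rsa.ExportParameters(false), encodedChain, cert.Thumbprint);
                        }
                    }).ToList()
                };
            });
        }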