/// <summary>
/// Obtain the JWKS object describing certificates used by this RP for signing and encoding.
/// </summary>
/// <param name="EncodingCerts">List of certificates to be used for encoding.</param>
/// <param name="SigningCerts">List of certificates to be used for signing.</param>
/// <returns>The JWKS object with the keys of the RP.</returns>
public static List <OIDCKey> GetKeysJwkList(List <X509Certificate2> EncodingCerts, List <X509Certificate2> SigningCerts)
{
List <OIDCKey> keys = new List <OIDCKey>();
int countEnc = 1;
foreach (X509Certificate2 certificate in EncodingCerts)
{
if (certificate != null)
{
OIDCKey curCert = GetOIDCKey(certificate, "RSA", "enc", "Encoding Certificate " + countEnc);
countEnc++;
keys.Add(curCert);
}
}
int countSign = 1;
foreach (X509Certificate2 certificate in SigningCerts)
{
if (certificate != null)
{
OIDCKey curCert = GetOIDCKey(certificate, "RSA", "sig", "Signing Certificate " + countEnc);
countSign++;
keys.Add(curCert);
}
}
return(keys);
}
/// <summary>
/// Method that permits to get a OIDCKey object representing a security key
/// </summary>
/// <param name="certificate">The certificate to use to create the key</param>
/// <param name="keyType">The type of the key</param>
/// <param name="use">The use of the mey ("sig" or "enc")</param>
/// <param name="uniqueName">The unique name of he key in the keystore</param>
/// <returns></returns>
public static OIDCKey GetOIDCKey(X509Certificate2 certificate, string keyType, string use, string uniqueName = null)
{
RSACryptoServiceProvider rsa = certificate.PrivateKey as RSACryptoServiceProvider;
RSAParameters par = rsa.ExportParameters(true);
OIDCKey curCert = new OIDCKey();
curCert.Use = use;
curCert.SetParams(par);
curCert.Kty = keyType;
curCert.Kid = uniqueName;
return(curCert);
}
/// <summary>
/// Constructor deserializing message properties from dictionary.
/// </summary>
/// <param name="o">The dictionary object containing message properties.</param>
public OIDCProviderMetadata(Dictionary <string, object> o)
{
DeserializeFromDictionary(o);
if (JwksUri != null)
{
Keys = new List <OIDCKey>();
Dictionary <string, object> jwks = WebOperations.GetUrlContent(WebRequest.Create(JwksUri));
JArray keys = (JArray)jwks["keys"];
foreach (JToken key in keys)
{
OIDCKey newKey = new OIDCKey(key.ToObject <Dictionary <string, object> >());
Keys.Add(newKey);
}
}
}
public OIDCProviderMetadata(dynamic o)
{
deserializeFromDynamic(o);
if (JwksUri != null)
{
Keys = new List <OIDCKey>();
Dictionary <string, object> jwks = OpenIdRelyingParty.GetUrlContent(WebRequest.Create(JwksUri));
ArrayList keys = (ArrayList)jwks["keys"];
foreach (Dictionary <string, object> key in keys)
{
OIDCKey newKey = new OIDCKey(key);
Keys.Add(newKey);
}
}
}
/// <summary>
/// Constructor deserializing message properties from dictionary.
/// </summary>
/// <param name="o">The dictionary object containing message properties.</param>
public OIDCProviderMetadata(Dictionary<string, object> o)
{
DeserializeFromDictionary(o);
if (JwksUri != null)
{
Keys = new List<OIDCKey>();
Dictionary<string, object> jwks = WebOperations.GetUrlContent(WebRequest.Create(JwksUri));
JArray keys = (JArray)jwks["keys"];
foreach (JToken key in keys)
{
OIDCKey newKey = new OIDCKey(key.ToObject<Dictionary<string, object>>());
Keys.Add(newKey);
}
}
}
/// <summary>
/// Method that permits to get a OIDCKey object representing a security key
/// </summary>
/// <param name="certificate">The certificate to use to create the key</param>
/// <param name="keyType">The type of the key</param>
/// <param name="use">The use of the mey ("sig" or "enc")</param>
/// <param name="uniqueName">The unique name of he key in the keystore</param>
/// <returns></returns>
public static OIDCKey GetOIDCKey(X509Certificate2 certificate, string keyType, string use, string uniqueName = null)
{
RSACryptoServiceProvider rsa = certificate.PrivateKey as RSACryptoServiceProvider;
RSAParameters par = rsa.ExportParameters(true);
OIDCKey curCert = new OIDCKey();
curCert.Use = use;
curCert.SetParams(par);
curCert.Kty = keyType;
curCert.Kid = uniqueName;
return curCert;
}
