public TokenExchanger(AuthServerOptions options, HttpClient httpclient = null, ILogger logger = null)
{
_options = options;
_httpClient = httpclient ?? HttpClientHelper.GetHttpClient(options.ValidateCertificates, options.ClientTimeout);
_logger = logger;
}
public static TokenValidationParameters GetTokenValidationParameters(TokenValidationParameters parameters, string keyUrl, HttpMessageHandler handler, bool validateCertificates, AuthServerOptions options = null)
{
if (parameters == null)
{
parameters = new TokenValidationParameters
{
ValidateAudience = false,
ValidateIssuer = true,
ValidateLifetime = true
};
}
var tokenValidator = new CloudFoundryTokenValidator(options ?? new AuthServerOptions());
parameters.IssuerValidator = tokenValidator.ValidateIssuer;
parameters.AudienceValidator = tokenValidator.ValidateAudience;
CloudFoundryTokenKeyResolver tkr;
if (options is null)
{
tkr = new CloudFoundryTokenKeyResolver(keyUrl, handler, validateCertificates);
}
else
{
tkr = new CloudFoundryTokenKeyResolver(keyUrl, handler, validateCertificates, options.ClientTimeout);
}
parameters.IssuerSigningKeyResolver = tkr.ResolveSigningKey;
return(parameters);
}
public CloudFoundryTokenValidator(AuthServerOptions options = null)
{
_options = options ?? new AuthServerOptions();
}
public static TokenValidationParameters GetTokenValidationParameters(TokenValidationParameters parameters, string keyUrl, HttpMessageHandler handler, bool validateCertificates, AuthServerOptions options = null)
{
if (parameters == null)
{
parameters = new TokenValidationParameters();
}
var tokenValidator = new CloudFoundryTokenValidator(options ?? new AuthServerOptions());
parameters.IssuerValidator = tokenValidator.ValidateIssuer;
parameters.AudienceValidator = tokenValidator.ValidateAudience;
var tkr = new CloudFoundryTokenKeyResolver(keyUrl, handler, validateCertificates);
parameters.IssuerSigningKeyResolver = tkr.ResolveSigningKey;
return(parameters);
}