/// <summary>
/// Creates a response that grants access and carries the supplied delegation evidence.
/// </summary>
/// <param name="delegationEvidence">Evidence attached to the response unchanged.</param>
/// <returns>A response whose <c>HasAccess</c> is <c>true</c>.</returns>
/// <remarks>
/// This factory does not inspect the evidence. Nothing here verifies that the evidence
/// actually permits access, so that decision has to be made before calling it.
/// </remarks>
public static DelegationClientTranslationResponse Permit(DelegationEvidence delegationEvidence) =>
    new DelegationClientTranslationResponse
    {
        HasAccess = true,
        DelegationEvidence = delegationEvidence
    };
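/// <summary>
/// Initializes an assertion for the given parties with a fresh identifier and a
/// validity window of exactly 30 seconds starting at the current UTC time.
/// </summary>
/// <param name="issuer">Stored as <c>Issuer</c>.</param>
/// <param name="subject">Stored as <c>Subject</c>.</param>
/// <param name="audience">Stored as <c>Audience</c>.</param>
/// <param name="delegationEvidence">Stored as <c>DelegationEvidence</c>.</param>
public DelegationEvidenceAssertion(string issuer, string subject, string audience, DelegationEvidence delegationEvidence)
{
    Issuer = issuer;
    Subject = subject;
    Audience = audience;

    // A random GUID (32 hex digits, no dashes) gives every assertion a distinct id.
    // NOTE(review): presumably emitted as the "jti" claim so a recipient can detect
    // replays; it is an identifier, not a secret.
    JwtId = Guid.NewGuid().ToString("N");

    // Read the clock once so Expiration is exactly IssuedAt + 30s. Two separate
    // DateTime.UtcNow reads can straddle a second boundary, and after conversion to
    // whole-second timestamps the window would then appear as 31 seconds, which a
    // verifier that checks the lifetime strictly could reject.
    var now = DateTime.UtcNow;
    IssuedAt = now;
    Expiration = now.AddSeconds(30);

    DelegationEvidence = delegationEvidence;
}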
/// <summary>
/// Produces a compact, signed JWT that wraps the given delegation evidence.
/// </summary>
/// <param name="delegationEvidence">Evidence embedded in the token payload.</param>
/// <param name="partyId">Forwarded to <c>BuildJwtPayload</c> together with the evidence.</param>
/// <returns>The serialized token string.</returns>
public string Create(DelegationEvidence delegationEvidence, string partyId)
{
    var payload = BuildJwtPayload(delegationEvidence, partyId);

    // Despite the "PrivateKey" setting name, the value is used as a shared HMAC-SHA256
    // secret (symmetric key): any party that can verify these tokens can also mint them.
    // NOTE(review): confirm symmetric signing is intended here, that the secret carries
    // at least 256 bits of entropy, and that it comes from a secret store rather than a
    // checked-in settings file. A missing setting makes GetBytes throw on null.
    var secretBytes = Encoding.UTF8.GetBytes(_configuration["MyDetails:PrivateKey"]);
    var hmacKey = new SymmetricSecurityKey(secretBytes);
    var header = new JwtHeader(new SigningCredentials(hmacKey, SecurityAlgorithms.HmacSha256Signature));

    var token = new JwtSecurityToken(header, payload);
    return new JwtSecurityTokenHandler().WriteToken(token);
}
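/// <summary>
/// Decides whether the delegation evidence grants access: at least one policy must be
/// present, and every policy must contain a rule whose effect is "Permit".
/// </summary>
/// <param name="delegation">Evidence to evaluate.</param>
/// <returns>
/// <c>true</c> only when one or more policies were evaluated and each has a "Permit" rule;
/// <c>false</c> for missing evidence, evidence without policies, or any policy lacking one.
/// </returns>
private bool IsPermitRule(DelegationEvidence delegation)
{
    // Deny by default: absent evidence must never be read as a permit.
    if (delegation?.PolicySets == null)
    {
        return false;
    }

    // Tracks whether the loops saw any policy at all. Without it, evidence with no
    // policy sets (or only empty ones) would fall through to "permit" vacuously.
    var evaluatedAnyPolicy = false;

    foreach (var policySet in delegation.PolicySets)
    {
        foreach (var policy in policySet.Policies)
        {
            evaluatedAnyPolicy = true;

            // NOTE(review): a policy that mixes a "Permit" rule with rules of another
            // effect still passes this check; confirm that is the intended semantics.
            if (!policy.Rules.Any(rule => rule.Effect == "Permit"))
            {
                return false;
            }
        }
    }

    return evaluatedAnyPolicy;
}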
/// <summary>
/// Assembles the JWT payload for a delegation evidence assertion: the registered claims
/// plus the evidence itself under the "delegationEvidence" key.
/// </summary>
/// <param name="delegationEvidence">Source of the issuer, subject and embedded evidence.</param>
/// <param name="partyId">Used as the assertion audience (second "aud" value).</param>
/// <returns>The populated payload.</returns>
private JwtPayload BuildJwtPayload(DelegationEvidence delegationEvidence, string partyId)
{
    var assertion = new DelegationEvidenceAssertion(
        delegationEvidence.PolicyIssuer,
        delegationEvidence.Target.AccessSubject,
        partyId,
        delegationEvidence);

    // Round-trip through JSON so the evidence is embedded with camelCase property names.
    var camelCase = new JsonSerializerSettings
    {
        ContractResolver = new CamelCasePropertyNamesContractResolver()
    };
    var evidenceJson = JsonConvert.SerializeObject(assertion.DelegationEvidence, camelCase);
    var evidenceClaim = JsonConvert.DeserializeObject<JObject>(evidenceJson).ToDictionary();

    // Plain concatenation: the configured URL must already end with '/'.
    // NOTE(review): a value without the trailing slash yields a malformed audience, and a
    // missing setting yields just "connect/token"; consider validating this at startup.
    var tokenEndpoint = _configuration["OAuth2:AuthServerUrl"] + "connect/token";

    // NOTE(review): "iat" and "exp" are added as plain string-valued claims; confirm the
    // serialized token carries them as JSON numbers, as NumericDate claims are expected to be.
    var issuedAt = ConvertDateTimeToTimestamp(assertion.IssuedAt);
    var expiresAt = ConvertDateTimeToTimestamp(assertion.Expiration);

    var claims = new List<Claim>();
    claims.Add(new Claim("iss", assertion.Issuer));
    claims.Add(new Claim("sub", assertion.Subject));
    // Two "aud" claims: the token endpoint first, then the party id.
    claims.Add(new Claim("aud", tokenEndpoint));
    claims.Add(new Claim("aud", assertion.Audience));
    claims.Add(new Claim("jti", assertion.JwtId));
    claims.Add(new Claim("iat", issuedAt));
    claims.Add(new Claim("exp", expiresAt));

    var payload = new JwtPayload(claims);
    payload.Add("delegationEvidence", evidenceClaim);
    return payload;
}
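/// <summary>
/// Decides whether the delegation evidence grants access: at least one policy must be
/// present, and every policy must contain a rule whose effect is "Permit".
/// </summary>
/// <param name="delegation">Evidence to evaluate.</param>
/// <returns>
/// <c>true</c> only when one or more policies exist and each has a "Permit" rule;
/// <c>false</c> for missing evidence, evidence without policies, or any policy lacking one.
/// </returns>
private static bool IsPermitRule(DelegationEvidence delegation)
{
    // Deny by default: absent evidence must never be read as a permit.
    if (delegation?.PolicySets == null)
    {
        return false;
    }

    var policies = delegation.PolicySets
        .SelectMany(policySet => policySet.Policies)
        .ToList();

    // All() is vacuously true on an empty sequence, so evidence with no policies would
    // otherwise be treated as a permit. Require something to evaluate first.
    if (policies.Count == 0)
    {
        return false;
    }

    // NOTE(review): a policy that mixes a "Permit" rule with rules of another effect
    // still passes this check; confirm that is the intended semantics.
    return policies.All(policy => policy.Rules.Any(rule => rule.Effect == "Permit"));
}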