/// <summary>
/// Validates the current <see cref="MonitorApiKeyOptions"/> and copies the outcome onto
/// <paramref name="options"/>: the collected validation errors, plus either the subject and
/// parsed key (no errors) or an empty subject and a null key (at least one error).
/// </summary>
/// <param name="name">Name of the options instance; not used by this method.</param>
/// <param name="options">Receives ValidationErrors, Subject and PublicKey.</param>
public void PostConfigure(string name, MonitorApiKeyConfiguration options)
        {
            const string publicKeyName = nameof(MonitorApiKeyOptions.PublicKey);

            MonitorApiKeyOptions current = _apiKeyOptions.CurrentValue;
            IList<ValidationResult> errors = new List<ValidationResult>();

            // Attribute-based validation runs first; its failures are appended to `errors`
            // and the boolean result is intentionally ignored.
            Validator.TryValidateObject(
                current,
                new ValidationContext(current, null, null),
                errors,
                validateAllProperties: true);

            // Step 1: the configured value must be base64url text that decodes to a JWK JSON document.
            string decodedJson = null;
            try
            {
                decodedJson = Base64UrlEncoder.Decode(current.PublicKey);
            }
            catch (Exception)
            {
                // Every decode failure becomes a validation error instead of propagating.
                // NOTE(review): the raw configured value is handed to the message format. Because a
                // key with private parameters is tolerated further down, this text may carry private
                // key material if the format string prints that argument - confirm where
                // ValidationErrors end up (logs, API responses).
                string notBase64 = string.Format(
                    Strings.ErrorMessage_NotBase64,
                    publicKeyName,
                    current.PublicKey);
                errors.Add(new ValidationResult(notBase64, new string[] { publicKeyName }));
            }

            // Step 2: parse the JSON into a JsonWebKey.
            // NOTE(review): when decoding yields null or an empty string without throwing, no error
            // is added here; rejecting that input is left to the attribute validation above - verify
            // that MonitorApiKeyOptions.PublicKey is covered by it.
            JsonWebKey parsedKey = null;
            bool hasJson = !string.IsNullOrEmpty(decodedJson);
            if (hasJson)
            {
                try
                {
                    parsedKey = JsonWebKey.Create(decodedJson);
                }
                // JsonWebKey is expected to throw only ArgumentException or a derived class.
                catch (ArgumentException ex)
                {
                    // Same caveat as above: the configured value is part of the format arguments.
                    string invalidJwk = string.Format(
                        Strings.ErrorMessage_InvalidJwk,
                        publicKeyName,
                        current.PublicKey,
                        ex.Message);
                    errors.Add(new ValidationResult(invalidJwk, new string[] { publicKeyName }));
                }
            }

            // Step 3: the parsed key must pass the algorithm check.
            if (parsedKey != null)
            {
                if (JwtAlgorithmChecker.IsValidJwk(parsedKey))
                {
                    // A key that also contains private parameters is accepted; only a notification
                    // is logged.
                    // NOTE(review): the key object, private parameters included, is stored on
                    // `options` below. Token validation normally needs only the public part -
                    // consider whether the private parameters should be dropped.
                    if (parsedKey.HasPrivateKey)
                    {
                        _logger.NotifyPrivateKey(publicKeyName);
                    }
                }
                else
                {
                    string rejectedJwk = string.Format(
                        Strings.ErrorMessage_RejectedJwk,
                        publicKeyName);
                    errors.Add(new ValidationResult(rejectedJwk, new string[] { publicKeyName }));
                }
            }

            // Publish the result: on any error the subject is blanked and no key is exposed.
            options.ValidationErrors = errors;
            bool rejected = errors.Any();
            options.Subject   = rejected ? string.Empty : current.Subject;
            options.PublicKey = rejected ? null : parsedKey;
        }
Example #2
 /// <summary>
 /// Atomically installs a fresh <see cref="ConfigurationReloadToken"/> in <c>_reloadToken</c>
 /// and signals the token that was replaced.
 /// </summary>
 /// <param name="options">The changed options; not used by this method.</param>
 private void OnReload(MonitorApiKeyOptions options)
 {
     // Swap first, then fire the old token, so its callbacks run after the new token is in place.
     var replacement = new ConfigurationReloadToken();
     var previous = Interlocked.Exchange(ref _reloadToken, replacement);
     previous.OnReload();
 }