private HttpResponseMessage CreateTokenResponse(GenericXmlSecurityToken token, string scope)
{
var response = new TokenResponse();
if (ConfigurationRepository.AdfsIntegration.PassThruAuthenticationToken)
{
response.AccessToken = token.TokenXml.OuterXml;
response.ExpiresIn = (int)(token.ValidTo.Subtract(DateTime.UtcNow).TotalSeconds);
}
else
{
var bridge = new AdfsBridge(ConfigurationRepository);
if (ConfigurationRepository.Keys.DecryptionCertificate != null)
{
var configuration = new SecurityTokenHandlerConfiguration
{
AudienceRestriction = { AudienceMode = AudienceUriMode.Never },
CertificateValidationMode = X509CertificateValidationMode.None,
RevocationMode = X509RevocationMode.NoCheck,
CertificateValidator = X509CertificateValidator.None,
ServiceTokenResolver = SecurityTokenResolver.CreateDefaultSecurityTokenResolver(
new ReadOnlyCollection <SecurityToken>(new SecurityToken[] { new X509SecurityToken(ConfigurationRepository.Keys.DecryptionCertificate) }), false)
};
var handler = SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection(configuration);
response = bridge.ConvertSamlToJwt(token.ToSecurityToken(handler), scope);
}
else
{
response = bridge.ConvertSamlToJwt(token.ToSecurityToken(), scope);
}
}
return(Request.CreateResponse <TokenResponse>(HttpStatusCode.OK, response));
}
private HttpResponseMessage CreateTokenResponse(GenericXmlSecurityToken token, string scope)
{
var response = new TokenResponse();
if (ConfigurationRepository.AdfsIntegration.PassThruAuthenticationToken)
{
response.AccessToken = token.TokenXml.OuterXml;
response.ExpiresIn = (int)(token.ValidTo.Subtract(DateTime.UtcNow).TotalSeconds);
}
else
{
var bridge = new AdfsBridge(ConfigurationRepository);
response = bridge.ConvertSamlToJwt(token.ToSecurityToken(), scope);
}
return(Request.CreateResponse <TokenResponse>(HttpStatusCode.OK, response));
}
private HttpResponseMessage CreateTokenResponse(GenericXmlSecurityToken token, string scope)
{
var response = new TokenResponse();
if (ConfigurationRepository.AdfsIntegration.PassThruAuthenticationToken)
{
response.AccessToken = token.TokenXml.OuterXml;
response.ExpiresIn = (int)(token.ValidTo.Subtract(DateTime.UtcNow).TotalSeconds);
}
else
{
var bridge = new AdfsBridge(ConfigurationRepository);
response = bridge.ConvertSamlToJwt(token.ToSecurityToken(), scope);
}
return Request.CreateResponse<TokenResponse>(HttpStatusCode.OK, response);
}
private HttpResponseMessage CreateTokenResponse(GenericXmlSecurityToken token, string scope)
{
var response = new TokenResponse();
if (ConfigurationRepository.AdfsIntegration.PassThruAuthenticationToken)
{
response.AccessToken = token.TokenXml.OuterXml;
response.ExpiresIn = (int)(token.ValidTo.Subtract(DateTime.UtcNow).TotalSeconds);
}
else
{
var bridge = new AdfsBridge(ConfigurationRepository);
if (ConfigurationRepository.Keys.DecryptionCertificate != null)
{
var configuration = new SecurityTokenHandlerConfiguration
{
AudienceRestriction = { AudienceMode = AudienceUriMode.Never },
CertificateValidationMode = X509CertificateValidationMode.None,
RevocationMode = X509RevocationMode.NoCheck,
CertificateValidator = X509CertificateValidator.None,
ServiceTokenResolver = SecurityTokenResolver.CreateDefaultSecurityTokenResolver(
new ReadOnlyCollection<SecurityToken>(new SecurityToken[] { new X509SecurityToken(ConfigurationRepository.Keys.DecryptionCertificate) }), false)
};
var handler = SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection(configuration);
response = bridge.ConvertSamlToJwt(token.ToSecurityToken(handler), scope);
}
else
{
response = bridge.ConvertSamlToJwt(token.ToSecurityToken(), scope);
}
}
return Request.CreateResponse<TokenResponse>(HttpStatusCode.OK, response);
}
