public async Task <string> GenerateIdTokenAsync(Core.Common.Models.Client client, JwsPayload jwsPayload)
{
if (client == null)
{
throw new ArgumentNullException(nameof(client));
}
if (jwsPayload == null)
{
throw new ArgumentNullException(nameof(jwsPayload));
}
var signedResponseAlg = client.GetIdTokenSignedResponseAlg();
var encryptResponseAlg = client.GetIdTokenEncryptedResponseAlg();
var encryptResponseEnc = client.GetIdTokenEncryptedResponseEnc();
if (signedResponseAlg == null)
{
signedResponseAlg = JwsAlg.RS256;
}
var idToken = await _jwtGenerator.SignAsync(jwsPayload, signedResponseAlg.Value);
if (encryptResponseAlg == null)
{
return(idToken);
}
if (encryptResponseEnc == null)
{
encryptResponseEnc = JweEnc.A128CBC_HS256;
}
return(await _jwtGenerator.EncryptAsync(idToken, encryptResponseAlg.Value, encryptResponseEnc.Value));
}
public void When_Passing_Alg_To_GetIdTokenEncryptedResponseEnc_Then_A128CBC_HS256_Is_Returned()
{
// ARRANGE
var client = new Core.Common.Models.Client
{
IdTokenEncryptedResponseEnc = Jwt.Constants.JweEncNames.A128CBC_HS256
};
// ACT
var result = client.GetIdTokenEncryptedResponseEnc();
// ASSERT
Assert.True(result == JweEnc.A128CBC_HS256);
}
public void When_Passing_Not_Supported_Alg_To_GetIdTokenEncryptedResponseEnc_Then_Null_Is_Returned()
{
// ARRANGE
var client = new Core.Common.Models.Client
{
IdTokenEncryptedResponseEnc = "not_supported"
};
// ACT
var result = client.GetIdTokenEncryptedResponseEnc();
// ASSERT
Assert.Null(result);
}
