private static IJwtBuilder GetBuilder(byte[] key)
{
IJwtBuilder builder = new DefaultJwtBuilder(Serializers.Create().JsonNetSerializer().Build());
builder.SignWith(key);
return builder;
}
string IIdSiteUrlBuilder.Build()
{
if (string.IsNullOrEmpty(this.callbackUri))
{
throw new ApplicationException($"{nameof(this.callbackUri)} cannot be null or empty.");
}
var jti = this.jtiProvider.NewJti();
var apiKey = this.internalDataStore.ApiKey;
IJwtBuilder jwtBuilder = new DefaultJwtBuilder(this.internalDataStore.Serializer);
jwtBuilder
.SetId(jti)
.SetIssuedAt(this.clock.Now)
.SetIssuer(apiKey.GetId())
.SetSubject(this.applicationHref)
.SetClaim(IdSiteClaims.RedirectUri, this.callbackUri)
.SignWith(apiKey.GetSecret(), Encoding.UTF8);
if (!string.IsNullOrEmpty(this.path))
{
jwtBuilder.SetClaim(IdSiteClaims.Path, this.path);
}
if (!string.IsNullOrEmpty(this.state))
{
jwtBuilder.SetClaim(IdSiteClaims.State, this.state);
}
if (!string.IsNullOrEmpty(this.organizationNameKey))
{
jwtBuilder.SetClaim(IdSiteClaims.OrganizationNameKey, this.organizationNameKey);
}
if (this.useSubdomain != null)
{
jwtBuilder.SetClaim(IdSiteClaims.UseSubdomain, this.useSubdomain.Value);
}
if (this.showOrganizationField != null)
{
jwtBuilder.SetClaim(IdSiteClaims.ShowOrganizationField, this.showOrganizationField.Value);
}
string jwt = jwtBuilder.Build()
.ToString();
var urlBuilder = new StringBuilder(this.ssoEndpoint);
if (this.logout)
{
urlBuilder.Append(logoutSuffix);
}
urlBuilder.Append($"?{IdSiteClaims.JwtRequest}={jwt}");
return(urlBuilder.ToString());
}
private static IJwtBuilder GetBuilder(byte[] key)
{
IJwtBuilder builder = new DefaultJwtBuilder(Serializers.Create().JsonNetSerializer().Build());
builder.SignWith(key);
return(builder);
}
public void When_encoding(IDictionary <string, object> payload, string signingKey, string expected)
{
IJwtBuilder builder = new DefaultJwtBuilder(Serializers.Create().JsonNetSerializer().Build());
var jwt = builder
.SetClaims(payload)
.SignWith(signingKey, Encoding.UTF8)
.Build();
jwt.ToString().ShouldBe(expected);
}
public void When_encoding(IDictionary<string, object> payload, string signingKey, string expected)
{
IJwtBuilder builder = new DefaultJwtBuilder(Serializers.Create().JsonNetSerializer().Build());
var jwt = builder
.SetClaims(payload)
.SignWith(signingKey, Encoding.UTF8)
.Build();
jwt.ToString().ShouldBe(expected);
}
string IIdSiteUrlBuilder.Build()
{
if (string.IsNullOrEmpty(this.callbackUri))
{
throw new ApplicationException($"{nameof(this.callbackUri)} cannot be null or empty.");
}
var jti = this.jtiProvider.NewJti();
var apiKey = this.internalDataStore.ApiKey;
IJwtBuilder jwtBuilder = new DefaultJwtBuilder(this.internalDataStore.Serializer);
jwtBuilder
.SetId(jti)
.SetIssuedAt(this.clock.Now)
.SetIssuer(apiKey.GetId())
.SetSubject(this.applicationHref)
.SetClaim(IdSiteClaims.RedirectUri, this.callbackUri)
.SignWith(apiKey.GetSecret(), Encoding.UTF8);
if (!string.IsNullOrEmpty(this.path))
{
jwtBuilder.SetClaim(IdSiteClaims.Path, this.path);
}
if (!string.IsNullOrEmpty(this.state))
{
jwtBuilder.SetClaim(IdSiteClaims.State, this.state);
}
if (!string.IsNullOrEmpty(this.organizationNameKey))
{
jwtBuilder.SetClaim(IdSiteClaims.OrganizationNameKey, this.organizationNameKey);
}
if (this.useSubdomain != null)
{
jwtBuilder.SetClaim(IdSiteClaims.UseSubdomain, this.useSubdomain.Value);
}
if (this.showOrganizationField != null)
{
jwtBuilder.SetClaim(IdSiteClaims.ShowOrganizationField, this.showOrganizationField.Value);
}
string jwt = jwtBuilder.Build()
.ToString();
var urlBuilder = new StringBuilder(this.ssoEndpoint);
if (this.logout)
{
urlBuilder.Append(logoutSuffix);
}
urlBuilder.Append($"?{IdSiteClaims.JwtRequest}={jwt}");
return urlBuilder.ToString();
}
