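/// <summary>
/// Creates the JWT header for a token that is signed with the given key using RSA-SHA256.
/// </summary>
/// <param name="token">The token. This implementation does not read it.</param>
/// <param name="key">The key the token will be signed with.</param>
/// <returns>
/// The JWT header, or <c>null</c> when neither <c>DOTNET5_4</c> nor <c>NET451</c> is defined.
/// </returns>
protected virtual async Task<JwtHeader> CreateHeaderAsync(Token token, SecurityKey key)
{
    JwtHeader header = null;

#if DOTNET5_4
    // This branch adds no "kid" or "x5t" entry of its own.
    header = new JwtHeader(new SigningCredentials(key, SecurityAlgorithms.RsaSha256Signature));
#elif NET451
    header = new JwtHeader(new SigningCredentials(key, SecurityAlgorithms.RsaSha256Signature, SecurityAlgorithms.Sha256Digest));

    var x509key = key as X509SecurityKey;
    if (x509key != null)
    {
        var certificate = x509key.Certificate;

        // "kid" is whatever identifier the key service assigns to this certificate.
        header.Add("kid", await _keyService.GetKidAsync(certificate));

        // "x5t" is defined (RFC 7515) as the base64url-encoded SHA-1 thumbprint of the
        // certificate. Compute it from the certificate itself instead of reusing the kid,
        // so the value stays a thumbprint even when the key service hands out a different
        // kid, and a relying party matching on x5t finds the right key.
        var thumbprint = System.Convert.ToBase64String(certificate.GetCertHash())
            .TrimEnd('=')
            .Replace('+', '-')
            .Replace('/', '_');
        header.Add("x5t", thumbprint);
    }
#endif

    return header;
}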
/// <summary>
/// Builds the JWT header for the given signing credentials.
/// </summary>
/// <param name="credential">The signing credentials.</param>
/// <returns>
/// The JWT header; it carries a "kid" entry when the credentials are X.509 signing credentials.
/// </returns>
private async Task<JwtHeader> CreateHeaderAsync(SigningCredentials credential)
{
    // NOTE(review): some JwtHeader versions accept a null credential and then emit an
    // unsigned ("alg": "none") header. Confirm every caller passes a non-null credential.
    var jwtHeader = new JwtHeader(credential);

    var certificateCredential = credential as X509SigningCredentials;
    if (certificateCredential == null)
    {
        // Not certificate-backed: no key id is looked up.
        return jwtHeader;
    }

    // The key id comes from the key service so that it matches what the service reports elsewhere.
    jwtHeader.Add("kid", await _keyService.GetKidAsync(certificateCredential.Certificate));
    return jwtHeader;
}
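/// <summary>
/// Handles the key discovery request: publishes the public part of every validation
/// certificate as a JSON Web Key.
/// </summary>
/// <param name="context">The HTTP context. This method does not read it.</param>
/// <returns>
/// A 404 status result when key discovery is disabled; otherwise a result holding the key set.
/// </returns>
private async Task<IEndpointResult> ExecuteJwksAsync(HttpContext context)
{
    _logger.LogTrace("Start key discovery request");

    if (_options.DiscoveryOptions.ShowKeySet == false)
    {
        _logger.LogInformation("Key discovery disabled. 404.");
        return new StatusCodeResult(404);
    }

    var webKeys = new List<Models.JsonWebKey>();
    foreach (var key in await _keyService.GetValidationKeysAsync())
    {
        if (key == null)
        {
            continue;
        }

        var x509Key = new X509SecurityKey(key);

        // The entry built below is hard-wired to kty = "RSA". A certificate with any other
        // key type makes the cast yield null; skip it instead of failing the whole
        // discovery document with a NullReferenceException.
        var pubKey = x509Key.PublicKey as RSA;
        if (pubKey == null)
        {
            _logger.LogWarning("Validation key is not an RSA key. Skipping it in key discovery.");
            continue;
        }

        // false = export the public parameters only; private key material never reaches
        // the published key set.
        var parameters = pubKey.ExportParameters(false);

        var webKey = new Models.JsonWebKey
        {
            kty = "RSA",
            use = "sig",
            kid = await _keyService.GetKidAsync(key),
            // x5t: base64url-encoded certificate hash (thumbprint).
            x5t = Base64Url.Encode(key.GetCertHash()),
            e = Base64Url.Encode(parameters.Exponent),
            n = Base64Url.Encode(parameters.Modulus),
            // x5c carries the certificate in standard base64, not base64url.
            x5c = new[] { Convert.ToBase64String(key.RawData) }
        };

        webKeys.Add(webKey);
    }

    return new JsonWebKeysResult(webKeys);
}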