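/// <summary>
/// Builds the <see cref="SecurityTokenDescriptor"/> for a token issued under the IUA profile,
/// copying the identity attributes carried by <paramref name="claims"/> into the token subject.
/// </summary>
/// <param name="claims">
/// Contract supplying the subject, role, organization, purpose of use, signing certificate and
/// expiration. Npi and HomeCommunityId are optional and are only emitted when present.
/// </param>
/// <returns>A descriptor holding the subject claims, issuer name, applies-to address and lifetime.</returns>
/// <exception cref="ArgumentNullException"><paramref name="claims"/> is null.</exception>
private SecurityTokenDescriptor BuildDescriptorUsingIUAProfile(TokenContract claims)
{
    // Fail with a descriptive argument error instead of a NullReferenceException part-way
    // through building the claim set.
    if (claims == null)
    {
        throw new ArgumentNullException("claims");
    }

    // Mandatory claims. The JWT id is a fresh GUID per call: it identifies the token,
    // it is not a secret and must not be relied on as one.
    var subject = new ClaimsIdentity(new[]
    {
        new Claim(IUAClaimTypes.JWTId, Guid.NewGuid().ToString()),
        new Claim(IUAClaimTypes.Subject, claims.Subject),
        new Claim(IUAClaimTypes.SubjectIdentifier, claims.SubjectId),
        new Claim(IUAClaimTypes.SubjectRole, claims.SubjectRole.Code),
        new Claim(IUAClaimTypes.SubjectOrganization, claims.Organization),
        new Claim(IUAClaimTypes.OrganizationIdentifier, claims.OrganizationId.ToString()),
        new Claim(IUAClaimTypes.PurposeOfUse, claims.PurposeOfUse.Code)
    });

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = subject,
        // Issuer name is taken from the signing certificate's subject name, so it follows
        // whichever certificate the contract carries.
        TokenIssuerName = claims.SigningCertificate.SubjectName.Name,
        // Fixed value from IUAClaimTypes; the caller cannot influence the applies-to address here.
        AppliesToAddress = IUAClaimTypes.AppliesToAddress,
        // Read the UTC clock directly rather than converting local time.
        // NOTE(review): claims.Expiration is used as supplied; no maximum lifetime is enforced
        // in this method - confirm the caller bounds it and passes a UTC value.
        Lifetime = new Lifetime(DateTime.UtcNow, claims.Expiration),
    };

    // Optional claims: emitted only when the contract carries a value.
    if (!String.IsNullOrEmpty(claims.Npi))
    {
        tokenDescriptor.Subject.AddClaim(new Claim(IUAClaimTypes.NationalProviderIdentifier, claims.Npi));
    }

    if (claims.HomeCommunityId != null)
    {
        tokenDescriptor.Subject.AddClaim(new Claim(XspaClaimTypes.HomeCommunityId, claims.HomeCommunityId.ToString()));
    }

    return tokenDescriptor;
}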
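/// <summary>
/// Generates a security token from <paramref name="contract"/>, choosing the SAML or JWT
/// builder according to the contract's runtime type.
/// </summary>
/// <typeparam name="T">The token type the caller expects back.</typeparam>
/// <param name="contract">A <c>SamlTokenContract</c> or <c>JWTTokenContract</c> describing the token.</param>
/// <returns>
/// The generated token, or null when the token built for the contract is not a
/// <typeparamref name="T"/> (the result is converted with <c>as</c>). Callers must check for
/// null before using the token.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="contract"/> is null.</exception>
/// <exception cref="ArgumentException">The contract is of a type this method does not support.</exception>
public T GenerateToken<T>(TokenContract contract) where T : SecurityToken
{
    // Without this guard a null contract falls through both type checks and fails on
    // contract.GetType() with a NullReferenceException while building the error message.
    if (contract == null)
    {
        throw new ArgumentNullException("contract");
    }

    var samlContract = contract as SamlTokenContract;
    if (samlContract != null)
    {
        // NOTE(review): a mismatch between T and the SAML token type yields null rather
        // than an error; kept for compatibility with existing callers.
        return BuildSamlToken(samlContract) as T;
    }

    var jwtContract = contract as JWTTokenContract;
    if (jwtContract != null)
    {
        // Same null-on-mismatch behaviour as the SAML branch.
        return BuildJwtToken(jwtContract) as T;
    }

    throw new ArgumentException(String.Format("Unsupported token contract: {0}", contract.GetType().Name), "contract");
}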