public static JsonWebKeySet GetJwks()
{
KeyVaultClient keyVaultClient = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(
(authority, resource, scope) => KeyVaultUtil.GetToken(authority, resource, scope)));
var key = Task.Run(() => keyVaultClient.GetKeyAsync(SignKey())).ConfigureAwait(false).GetAwaiter().GetResult();
var e = Base64UrlEncoder.Encode(key.Key.E);
var n = Base64UrlEncoder.Encode(key.Key.E);
var jsonWebKey = new Microsoft.IdentityModel.Tokens.JsonWebKey()
{
Kid = KEY,
Kty = "RSA",
E = Base64UrlEncoder.Encode(key.Key.E),
N = Base64UrlEncoder.Encode(key.Key.N),
Alg = "RS256"
};
JsonWebKeySet jsonWebKeySet = new JsonWebKeySet();
jsonWebKeySet.Keys.Add(jsonWebKey);
return(jsonWebKeySet);
}
public static string Sign(byte[] inputBytes)
{
// signature
SHA256 sha256 = SHA256Managed.Create();
KeyVaultClient keyVaultClient = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(
(authority, resource, scope) => KeyVaultUtil.GetToken(authority, resource, scope)));
KeyOperationResult resultSign = Task.Run(() => keyVaultClient.SignAsync(SignKey(),
JsonWebKeySignatureAlgorithm.RS256, sha256.ComputeHash(inputBytes)))
.ConfigureAwait(false).GetAwaiter().GetResult();
var signatureEncoded = System.Convert.ToBase64String(resultSign.Result);
return(signatureEncoded);
}
