Exemple #1
0
        protected override async Task <AuthenticationTicket> CreateTicketAsync(ClaimsIdentity identity, AuthenticationProperties properties, OAuthTokenResponse tokens)
        {
            //Logger.LogDebug($"Token: {tokens.AccessToken}");

            JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler
            {
                MapInboundClaims = true
            };

            //Читаем токен
            SecurityToken T       = tokenHandler.ReadToken(tokens.AccessToken);
            string        KeyName = (string)((JwtSecurityToken)T).Header["x5t"];

            X509Certificate2 Cer = await ADFSMetadata.Instance(Options.Server, Logger).GetCertificate(KeyName);

            X509SecurityKey signingKey = new X509SecurityKey(Cer);

            TokenValidationParameters V = new TokenValidationParameters
            {
                ValidAudience            = $"microsoft:identityserver:{Options.Resource}",
                IssuerSigningKey         = signingKey,
                ValidateIssuerSigningKey = true,
                ValidIssuer    = Options.ValidIssuer,
                ValidateIssuer = true,
            };



            var principal = tokenHandler.ValidateToken(tokens.AccessToken, V, out T);

            await _processor?.TicketCreated(new ADFSCreatingTiketContext(principal));

            return(new AuthenticationTicket(principal, properties, Scheme.Name));
        }
Exemple #2
0
        public static ADFSMetadata Instance(string Server, ILogger logger)
        {
            ADFSMetadata res = Instances.Where(p => p._server == Server).FirstOrDefault();

            if (res == null)
            {
                res = new ADFSMetadata(Server, logger);
                Instances.Add(res);
            }
            return(res);
        }