public static TokenVerificationKey AsTokenVerificationKey(this JsonWebKey jwk)
        {
            X509Certificate2             cert = null;
            X509CertTokenVerificationKey key  = null;

            if (jwk.X5c != null && jwk.X5c.Count > 0)
            {
                cert = new X509Certificate2(Convert.FromBase64String(jwk.X5c.First()));
                key  = new X509CertTokenVerificationKey(cert);
                return(key);
            }

            if (!String.IsNullOrEmpty(jwk.N) && !String.IsNullOrEmpty(jwk.E))
            {
                RsaTokenVerificationKey rsaToken  = new RsaTokenVerificationKey();
                RSAParameters           rsaParams = new RSAParameters()
                {
                    Modulus  = EncodeUtilities.Base64UrlDecode(jwk.N),
                    Exponent = EncodeUtilities.Base64UrlDecode(jwk.E)
                };

                rsaToken.InitFromRsaParameters(rsaParams);
                return(rsaToken);
            }
            throw new NotSupportedException(StringTable.NotSupportedJwkToTokenVerificationKeyConversion);
        }
        public void RSATokenVerificationKeyRoundTrip()
        {
            TokenRestrictionTemplate template             = new TokenRestrictionTemplate(TokenType.JWT);
            RsaTokenVerificationKey  tokenVerificationKey = new RsaTokenVerificationKey();
            RSAParameters            inputRsaParameters;

            using (RSACryptoServiceProvider provider = new RSACryptoServiceProvider())
            {
                inputRsaParameters = provider.ExportParameters(true);

                tokenVerificationKey.InitFromRsaParameters(inputRsaParameters);
            }
            Assert.IsNotNull(tokenVerificationKey.RawBody);
            template.Audience = _sampleAudience;
            template.Issuer   = _sampleIssuer;
            template.PrimaryVerificationKey = tokenVerificationKey;
            var templateAsString = TokenRestrictionTemplateSerializer.Serialize(template);

            Assert.IsTrue(templateAsString.Contains("<PrimaryVerificationKey i:type=\"RsaTokenVerificationKey\">"));
            TokenRestrictionTemplate output = TokenRestrictionTemplateSerializer.Deserialize(templateAsString);

            Assert.AreEqual(TokenType.JWT, output.TokenType);
            Assert.IsNotNull(output.PrimaryVerificationKey);
            Assert.IsNotNull(output.PrimaryVerificationKey as RsaTokenVerificationKey);
            RsaTokenVerificationKey key = output.PrimaryVerificationKey as RsaTokenVerificationKey;

            Assert.IsNotNull(key.RawBody);
            RSAParameters outputRsaParametersutParameters = key.GetRsaParameters();

            Assert.IsNotNull(outputRsaParametersutParameters);
            Assert.IsNotNull(outputRsaParametersutParameters.Exponent);
            Assert.IsNotNull(outputRsaParametersutParameters.Modulus);
            //Check that we are storing only public signing key
            Assert.IsNull(outputRsaParametersutParameters.P);
            Assert.IsNull(outputRsaParametersutParameters.Q);
            Assert.IsNull(outputRsaParametersutParameters.D);
            Assert.IsNull(outputRsaParametersutParameters.DP);
            Assert.IsNull(outputRsaParametersutParameters.DQ);
            //Checking that public key matching
            Assert.IsTrue(inputRsaParameters.Exponent.SequenceEqual(outputRsaParametersutParameters.Exponent), "Exponent value mismatch");
            Assert.IsTrue(inputRsaParameters.Modulus.SequenceEqual(outputRsaParametersutParameters.Modulus), "Modulus value mismatch");
        }
        public void FetchKeyWithRSATokenValidationKeyAsPrimaryVerificationKey()
        {
            //Create a new RSACryptoServiceProvider object.
            using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider())
            {
                //Export the key information to an RSAParameters object.
                //Pass false to export the public key information or pass
                //true to export public and private key information.
                RSAParameters RSAParams = RSA.ExportParameters(true);

                TokenRestrictionTemplate tokenRestrictionTemplate = new TokenRestrictionTemplate(TokenType.JWT);

                var tokenVerificationKey = new RsaTokenVerificationKey();
                tokenVerificationKey.InitFromRsaParameters(RSAParams);
                tokenRestrictionTemplate.PrimaryVerificationKey = tokenVerificationKey;

                tokenRestrictionTemplate.Audience = "http://sampleIssuerUrl";
                tokenRestrictionTemplate.Issuer   = "http://sampleAudience";
                string requirements = TokenRestrictionTemplateSerializer.Serialize(tokenRestrictionTemplate);
            }
        }