Esempio n. 1
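        /// <summary>
        /// Builds the <see cref="JwsDescriptor"/> for the configured payload, applying the
        /// signing configuration and the optional 'jti', 'exp', 'nbf' and 'iat' values.
        /// </summary>
        /// <param name="header">The header passed to the descriptor constructor.</param>
        /// <returns>The configured descriptor.</returns>
        /// <exception cref="InvalidOperationException">
        /// A signing key is set but no algorithm can be resolved, or the algorithm 'none'
        /// is combined with a signing key.
        /// </exception>
        /// <remarks>
        /// When neither a signing key nor the explicit no-signature flag is set, the
        /// <c>ThrowHelper</c> call is expected to throw (its body is not visible here).
        /// An unsigned descriptor is only produced through the explicit no-signature flag.
        /// </remarks>
        private JwsDescriptor CreateJws(JwtObject header)
        {
            var jws = new JwsDescriptor(header, _jsonPayload!);

            if (_signingKey != null)
            {
                var alg = _signingKey.SignatureAlgorithm ?? _algorithm;
                if (alg is null)
                {
                    throw new InvalidOperationException($"No algorithm is defined for the signature. Set the 'SignatureAlgorithm' property on the signing key, or specify a '{nameof(SignatureAlgorithm)}' to the '{nameof(SignWith)}' method.");
                }

                // 'alg' prefers the key's own algorithm, but the value assigned to the
                // descriptor below is '_algorithm'. Checking only 'alg' would let an explicit
                // 'none' in '_algorithm' through whenever the key carries its own algorithm,
                // so both values are rejected here.
                var explicitNone = _algorithm != null && _algorithm == SignatureAlgorithm.None;
                if (alg == SignatureAlgorithm.None || explicitNone)
                {
                    throw new InvalidOperationException($"The algorithm 'none' defined with a signing key. Specify either a signing with with a {nameof(SignatureAlgorithm)} different of 'none', or specify the {nameof(SignatureAlgorithm)} 'none' without signing key.");
                }

                jws.SigningKey = _signingKey;
                if (_algorithm != null)
                {
                    jws.Algorithm = _algorithm;
                }
            }
            else if (_noSignature)
            {
                // Unsigned output is opt-in only: it requires the explicit no-signature flag.
                jws.Algorithm = SignatureAlgorithm.None;
            }
            else
            {
                ThrowHelper.ThrowInvalidOperationException_NoSigningKeyDefined();
            }

            if (_automaticId)
            {
                // The 'jti' is a uniqueness identifier (32 hex digits, no dashes); it is not
                // meant to serve as a secret.
                jws.JwtId = Guid.NewGuid().ToString("N");
            }

            // Read the clock once so 'exp', 'nbf' and 'iat' are all relative to the same instant.
            var now = DateTime.UtcNow;

            if (_expireAfter.HasValue)
            {
                jws.ExpirationTime = now.AddSeconds(_expireAfter.Value);
            }

            if (_notBefore.HasValue)
            {
                jws.NotBefore = now.AddSeconds(_notBefore.Value);
            }

            if (_automaticIssuedAt)
            {
                jws.IssuedAt = now;
            }

            return jws;
        }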