string GetAccessToken()
{
var jwk = new JsonWebKey
{
Kty = "oct",
Alg = "HS256",
K = Base64Url.Encode(_symmetricKey)
};
var cnf = new Cnf(jwk);
var cnfJson = cnf.ToJson();
var claims = new Claim[] {
new Claim("sub", "123"),
new Claim("cnf", cnfJson)
};
var id = new ClaimsIdentity(claims, "password");
var subject = new ClaimsPrincipal(id);
var handler = new JwtSecurityTokenHandler();
var token = new JwtSecurityToken(
"issuer", "audience",
subject.Claims,
notBefore: DateTime.UtcNow.AddSeconds(-5),
expires: DateTime.UtcNow.AddMinutes(5),
signingCredentials: new X509SigningCredentials(SigningCertificate.Cert));
var jwt = handler.WriteToken(token);
return(jwt);
}
static HttpSignatureValidationMiddlewareTests()
{
var jwk = new JsonWebKey
{
Kty = "oct",
Alg = "HS256",
K = Base64Url.Encode(_symmetricKey)
};
var cnf = new Cnf(jwk);
var cnfJson = cnf.ToJson();
var claims = new Claim[]
{
new Claim("cnf", cnfJson)
};
_cnfIdentity = new ClaimsIdentity(claims, "PoP");
}