/// <summary> /// 添加开发者全局签名证书(默认原生兼容 IdentityServer4 生成的临时密钥文件)。 /// </summary> /// <param name="builder">给定的 <see cref="IEncryptionBuilder"/>。</param> /// <param name="persistKey">是否持久化密钥(可选;默认持久化)。</param> /// <param name="fileName">给定的文件名(可选;默认兼容 IdentityServer4 生成的临时密钥文件)。</param> /// <returns>返回 <see cref="IEncryptionBuilder"/>。</returns> public static IEncryptionBuilder AddDeveloperGlobalSigningCredentials(this IEncryptionBuilder builder, bool persistKey = true, string fileName = null) { var key = RsaSecurityKeyHelper.Load(fileName, persistKey); return(builder.AddGlobalSigningCredentials(key)); }
/// <summary> /// 添加全局签名证书。 /// </summary> /// <param name="builder">给定的 <see cref="IEncryptionBuilder"/>。</param> /// <param name="certificate">给定的 <see cref="X509Certificate2"/>。</param> /// <returns>返回 <see cref="IEncryptionBuilder"/>。</returns> public static IEncryptionBuilder AddGlobalSigningCredentials(this IEncryptionBuilder builder, X509Certificate2 certificate) { if (!certificate.NotNull(nameof(certificate)).HasPrivateKey) { throw new InvalidOperationException(InternalResource.InvalidOperationExceptionNotHavePrivateKeyFormat.Format(nameof(X509Certificate2))); } var credentials = new SigningCredentials(new X509SecurityKey(certificate), SecurityAlgorithms.RsaSha256); return(builder.AddGlobalSigningCredentials(credentials)); }
public static IEncryptionBuilder AddGlobalSigningCredentials(this IEncryptionBuilder builder, RsaSecurityKey rsaKey) { rsaKey.NotNull(nameof(rsaKey)); if (rsaKey.PrivateKeyStatus == PrivateKeyStatus.DoesNotExist) { throw new InvalidOperationException(InternalResource.InvalidOperationExceptionNotHavePrivateKeyFormat.Format(nameof(RsaSecurityKey))); } var credential = new SigningCredentials(rsaKey, SecurityAlgorithms.RsaSha256); return(builder.AddGlobalSigningCredentials(credential)); }