public static AuthMetadata GetAuthMetadata(string content, bool requireIssuingEndpoint)
{
JsonMetadataDocument document = AuthMetadataParser.GetDocument <JsonMetadataDocument>(content);
AuthMetadata authMetadata = new AuthMetadata();
AuthMetadataParser.ExtractServiceNameRealmAndIssuer(document, authMetadata);
if (document.keys == null)
{
throw new AuthMetadataParserException(DirectoryStrings.ErrorAuthMetadataNoSigningKey);
}
string[] array = (from k in document.keys
where string.Equals(k.usage, AuthMetadataConstants.KeyUsage, StringComparison.OrdinalIgnoreCase) && k.keyvalue != null && string.Equals(k.keyvalue.type, AuthMetadataConstants.SigningKeyType, StringComparison.OrdinalIgnoreCase) && !string.IsNullOrEmpty(k.keyvalue.value)
select k.keyvalue.value).ToArray <string>();
if (array.Length == 0)
{
throw new AuthMetadataParserException(DirectoryStrings.ErrorAuthMetadataNoSigningKey);
}
authMetadata.CertificateStrings = array;
if (document.endpoints != null)
{
string[] array2 = (from e in document.endpoints
where string.Equals(e.protocol, AuthMetadataConstants.Protocol, StringComparison.OrdinalIgnoreCase) && string.Equals(e.usage, AuthMetadataConstants.IssuingEndpointUsage, StringComparison.OrdinalIgnoreCase) && !string.IsNullOrEmpty(e.location)
select e.location).ToArray <string>();
if (array2.Length > 0)
{
authMetadata.IssuingEndpoint = array2[0];
}
}
if (requireIssuingEndpoint && string.IsNullOrEmpty(authMetadata.IssuingEndpoint))
{
throw new AuthMetadataParserException(DirectoryStrings.ErrorAuthMetadataNoIssuingEndpoint);
}
return(authMetadata);
}
public static AuthMetadata GetOpenIdConnectAuthMetadata(string content, bool requireIssuingEndpoint)
{
OpenIdConnectJsonMetadataDocument document = AuthMetadataParser.GetDocument <OpenIdConnectJsonMetadataDocument>(content);
AuthMetadata authMetadata = new AuthMetadata();
if (!string.IsNullOrEmpty(document.token_endpoint))
{
authMetadata.IssuingEndpoint = document.token_endpoint.Trim();
}
if (requireIssuingEndpoint && string.IsNullOrEmpty(authMetadata.IssuingEndpoint))
{
throw new AuthMetadataParserException(DirectoryStrings.ErrorAuthMetadataNoIssuingEndpoint);
}
string serviceName;
string realm;
if (AuthMetadataParser.TryExtractUrlFormatServiceNameAndRealm(document.issuer, out serviceName, out realm))
{
authMetadata.ServiceName = serviceName;
authMetadata.Realm = realm;
}
if (string.IsNullOrEmpty(authMetadata.ServiceName))
{
throw new AuthMetadataParserException(DirectoryStrings.ErrorAuthMetadataCannotResolveServiceName);
}
if (!string.IsNullOrEmpty(document.jwks_uri))
{
authMetadata.KeysEndpoint = document.jwks_uri.Trim();
}
if (string.IsNullOrEmpty(authMetadata.KeysEndpoint))
{
throw new AuthMetadataParserException(DirectoryStrings.ErrorAuthMetadataNoSigningKey);
}
if (!string.IsNullOrEmpty(document.authorization_endpoint))
{
authMetadata.AuthorizationEndpoint = document.authorization_endpoint.Trim();
}
if (string.IsNullOrEmpty(authMetadata.AuthorizationEndpoint))
{
throw new AuthMetadataParserException(DirectoryStrings.ErrorAuthMetadataNoIssuingEndpoint);
}
return(authMetadata);
}
public static AuthMetadata GetOpenIdConnectKeys(string content, AuthMetadata authData)
{
OpenIdConnectKeysJsonMetadataDocument document = AuthMetadataParser.GetDocument <OpenIdConnectKeysJsonMetadataDocument>(content);
if (document.keys == null)
{
throw new AuthMetadataParserException(DirectoryStrings.ErrorAuthMetadataNoSigningKey);
}
if (authData == null)
{
authData = new AuthMetadata();
}
string[] array = (from k in document.keys
where !string.IsNullOrEmpty(k.use) && k.use.Equals(AuthMetadataConstants.OpenIdConnectSigningKeyUsage, StringComparison.OrdinalIgnoreCase) && k.x5c != null && k.x5c.Length > 0
select k.x5c[0]).ToArray <string>();
if (array.Length == 0)
{
throw new AuthMetadataParserException(DirectoryStrings.ErrorAuthMetadataNoSigningKey);
}
authData.CertificateStrings = array;
return(authData);
}