/// <summary>
/// Loads the certificate referenced by a description when it has not been loaded yet.
/// </summary>
/// <param name="certificateDescription">Description of the certificate.</param>
/// <remarks>
/// A description whose <c>Certificate</c> is already set is left untouched. When
/// <c>SourceType</c> matches none of the handled sources, nothing is loaded and
/// <c>Certificate</c> stays null, so callers must check the result before relying on it.
/// </remarks>
public void LoadIfNeeded(CertificateDescription certificateDescription)
{
    // Already populated: never reload or overwrite an existing certificate.
    if (certificateDescription.Certificate != null)
    {
        return;
    }

    var source = certificateDescription.SourceType;

    if (source == CertificateSource.KeyVault)
    {
        certificateDescription.Certificate = LoadFromKeyVault(
            certificateDescription.Container!,
            certificateDescription.ReferenceOrValue!);
    }
    else if (source == CertificateSource.Base64Encoded)
    {
        certificateDescription.Certificate = LoadFromBase64Encoded(
            certificateDescription.ReferenceOrValue!);
    }
    else if (source == CertificateSource.Path)
    {
        certificateDescription.Certificate = LoadFromPath(
            certificateDescription.Container!,
            certificateDescription.ReferenceOrValue!);
    }
    else if (source == CertificateSource.StoreWithThumbprint)
    {
        // Note the argument order: reference (thumbprint) first, then container.
        certificateDescription.Certificate = LoadFromStoreWithThumbprint(
            certificateDescription.ReferenceOrValue!,
            certificateDescription.Container!);
    }
    else if (source == CertificateSource.StoreWithDistinguishedName)
    {
        // Same order as the thumbprint lookup: reference first, then container.
        certificateDescription.Certificate = LoadFromStoreWithDistinguishedName(
            certificateDescription.ReferenceOrValue!,
            certificateDescription.Container!);
    }

    // Any other source type: intentionally a no-op, Certificate remains null.
}
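/// <summary>
/// Runs the developer-supplied options delegate and, when a legacy token decryption
/// certificate was passed, places that certificate at the front of
/// <c>options.TokenDecryptionCertificates</c>.
/// </summary>
/// <param name="options">Options instance that the delegate configures and that receives the merged certificate list.</param>
/// <param name="configureMicrosoftIdentityOptions">Delegate provided by the developer to set up the options; always invoked exactly once.</param>
/// <param name="tokenDecryptionCertificate">Legacy token decryption certificate, or null when none was passed.</param>
internal static void HandleLegacyTokenDecryptionCertificateParameter(
    MicrosoftIdentityOptions options,
    Action<MicrosoftIdentityOptions> configureMicrosoftIdentityOptions,
    X509Certificate2? tokenDecryptionCertificate)
{
    // The developer's delegate runs first in every case, so that any
    // TokenDecryptionCertificates it sets are visible to the merge below.
    configureMicrosoftIdentityOptions(options);

    if (tokenDecryptionCertificate == null)
    {
        return;
    }

    // The legacy certificate goes first, followed by whatever the options already describe.
    List<CertificateDescription> newCertificateDescriptions = new List<CertificateDescription>
    {
        CertificateDescription.FromCertificate(tokenDecryptionCertificate),
    };

    if (options.TokenDecryptionCertificates != null)
    {
        newCertificateDescriptions.AddRange(options.TokenDecryptionCertificates);
    }

    // Store the merged list on the options. Without this assignment the list was
    // built and then discarded, so the legacy certificate was silently ignored.
    options.TokenDecryptionCertificates = newCertificateDescriptions;
}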
/// <summary>
/// Loads, if needed, the certificate of the first description in the sequence and returns it.
/// </summary>
/// <param name="certificateDescription">Certificate descriptions; only the first element is considered.</param>
/// <returns>
/// The certificate held by the first description after the load attempt, which is
/// null when nothing could be loaded for it.
/// </returns>
/// <remarks>
/// Later descriptions are never tried, even when the first one yields no certificate.
/// <c>First()</c> throws <see cref="InvalidOperationException"/> on an empty sequence.
/// </remarks>
internal /*for test only*/ static X509Certificate2? LoadFirstCertificate(IEnumerable<CertificateDescription> certificateDescription)
{
    var loader = new DefaultCertificateLoader();
    CertificateDescription first = certificateDescription.First();

    // Populates first.Certificate in place when it is not already set.
    loader.LoadIfNeeded(first);

    return first.Certificate;
}