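/// <summary>
/// Converts a JSON Web Key into a <see cref="TokenVerificationKey"/>.
/// </summary>
/// <remarks>
/// An <c>x5c</c> certificate, when present, takes precedence over the raw RSA
/// modulus/exponent pair. Only the first <c>x5c</c> entry is read.
/// This method does not validate the certificate (no chain, expiry or revocation
/// check is made here) and does not inspect any other field of the key, so the
/// result is only as trustworthy as the source the JWK was fetched from. Callers
/// should obtain the JWK over an authenticated channel from a pinned issuer.
/// </remarks>
/// <param name="jwk">The JSON Web Key to convert.</param>
/// <returns>
/// An <see cref="X509CertTokenVerificationKey"/> when <c>x5c</c> is populated,
/// otherwise an <see cref="RsaTokenVerificationKey"/> built from <c>n</c> and <c>e</c>.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="jwk"/> is null.</exception>
/// <exception cref="NotSupportedException">
/// The key carries neither an <c>x5c</c> entry nor both <c>n</c> and <c>e</c>.
/// </exception>
public static TokenVerificationKey AsTokenVerificationKey(this JsonWebKey jwk)
{
    // An extension method can be invoked on a null reference; fail with a
    // descriptive argument error instead of a NullReferenceException below.
    if (jwk == null)
    {
        throw new ArgumentNullException("jwk");
    }

    if (jwk.X5c != null && jwk.X5c.Count > 0)
    {
        // x5c entries are decoded as standard base64 (not base64url), unlike n and e below.
        byte[] rawCertificate = Convert.FromBase64String(jwk.X5c.First());
        X509Certificate2 certificate = new X509Certificate2(rawCertificate);
        return new X509CertTokenVerificationKey(certificate);
    }

    if (!String.IsNullOrEmpty(jwk.N) && !String.IsNullOrEmpty(jwk.E))
    {
        // Only the public components (modulus and exponent) are populated.
        RSAParameters publicParameters = new RSAParameters()
        {
            Modulus = EncodeUtilities.Base64UrlDecode(jwk.N),
            Exponent = EncodeUtilities.Base64UrlDecode(jwk.E)
        };

        RsaTokenVerificationKey rsaKey = new RsaTokenVerificationKey();
        rsaKey.InitFromRsaParameters(publicParameters);
        return rsaKey;
    }

    throw new NotSupportedException(StringTable.NotSupportedJwkToTokenVerificationKeyConversion);
}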
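/// <summary>
/// Builds a JWT token restriction template whose primary verification key is a
/// freshly generated RSA key, then serializes the template.
/// </summary>
public void FetchKeyWithRSATokenValidationKeyAsPrimaryVerificationKey()
{
    // Generate a throwaway RSA key pair for the test.
    using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
    {
        // A verification key needs only the public half (modulus and exponent).
        // Passing false keeps the private parameters out of the key object and
        // out of anything serialized from the template.
        RSAParameters publicParameters = rsa.ExportParameters(false);

        var tokenVerificationKey = new RsaTokenVerificationKey();
        tokenVerificationKey.InitFromRsaParameters(publicParameters);

        TokenRestrictionTemplate tokenRestrictionTemplate = new TokenRestrictionTemplate(TokenType.JWT);
        tokenRestrictionTemplate.PrimaryVerificationKey = tokenVerificationKey;

        // NOTE(review): the sample values look swapped relative to the property
        // names (Audience gets the "Issuer" URL and vice versa). Left as-is;
        // confirm whether this is intentional.
        tokenRestrictionTemplate.Audience = "http://sampleIssuerUrl";
        tokenRestrictionTemplate.Issuer = "http://sampleAudience";

        string requirements = TokenRestrictionTemplateSerializer.Serialize(tokenRestrictionTemplate);
    }
}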