public JwtOAuthServerOptions(
JwtOAuthServerSettings serverSettings,
IOAuthAuthorizationServerProvider provider,
JwtAccessTokenFormat jwtAccessTokenFormat)
{
if (serverSettings == null)
{
throw new ArgumentNullException(nameof(serverSettings));
}
if (provider == null)
{
throw new ArgumentNullException(nameof(provider));
}
if (jwtAccessTokenFormat == null)
{
throw new ArgumentNullException(nameof(jwtAccessTokenFormat));
}
this.AuthenticationType = "JWT";
this.AllowInsecureHttp = serverSettings.AllowInsecureHttp;
this.AccessTokenExpireTimeSpan = serverSettings.AccessTokenExpireTimeSpan;
this.TokenEndpointPath = serverSettings.TokenEndpointPath;
this.Provider = provider;
this.AccessTokenFormat = jwtAccessTokenFormat;
}
/// <summary>
/// Initializes a new instance of the <see cref="JwtAccessTokenFormat" /> class.
/// </summary>
/// <param name="serverSettings">The server settings.</param>
/// <exception cref="System.ArgumentNullException">If serverSettings is null.</exception>
/// <exception cref="System.InvalidOperationException">If serverSettings configuration is invalid.</exception>
/// <exception cref="System.FormatException">If a client secret is not base 64 url encoded.</exception>
public JwtAccessTokenFormat(JwtOAuthServerSettings serverSettings)
{
if (serverSettings == null)
{
throw new ArgumentNullException(nameof(serverSettings));
}
this.serverSettings = serverSettings;
foreach (var client in this.serverSettings.AllowedClients)
{
if (client.RelativeFileCertificate != null && client.StoreCertificate != null)
{
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, Messages.Exception_JwtAccessTokenFormat_MultipleCertificateOptionsProvided, client.Id));
}
var certificateFetcher = GetCertificateFetcher(client);
if (certificateFetcher != null)
{
var certificate = certificateFetcher.Fetch();
if (certificate == null)
{
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, Messages.Exception_JwtAccessTokenFormat_CertificateNotFound, client.Id));
}
}
// Try decoding each secret early to detect if there is a configuration problem
TextEncodings.Base64Url.Decode(client.Secret);
}
}
/// <summary>
/// Initializes a new instance of the <see cref="JwtOAuthClientValidatingServerProvider"/> class.
/// </summary>
/// <param name="serverSettings">The server settings.</param>
/// <param name="authenticator">The authenticator.</param>
/// <exception cref="System.ArgumentNullException">If any arguments are null.</exception>
public JwtOAuthClientValidatingServerProvider(
JwtOAuthServerSettings serverSettings,
IAuthenticator authenticator)
{
if (serverSettings == null)
{
throw new ArgumentNullException(nameof(serverSettings));
}
if (authenticator == null)
{
throw new ArgumentNullException(nameof(authenticator));
}
this.ServerSettings = serverSettings;
this.Authenticator = authenticator;
}
