/// <summary>
/// Builds a signature provider for the key identifier currently held in the Key Vault cache.
/// </summary>
/// <returns>A provider configured for RS256 that authenticates with the configured client id and secret.</returns>
private async Task<AzureKeyVaultSignatureProvider> Refresher()
{
    var cacheEntry = await _keyVaultCache.GetKeyVaultCacheDataAsync();
    var keyId = cacheEntry.KeyIdentifier.Identifier;

    // NOTE(review): authentication uses a client secret read from options; confirm where that
    // secret is stored and rotated, since anyone holding it can presumably request signatures.
    var vaultAuth = new AzureKeyVaultAuthentication(
        _keyVaultOptions.Value.ClientId,
        _keyVaultOptions.Value.ClientSecret);

    // The algorithm is pinned to RS256 here rather than taken from any caller-supplied value.
    return new AzureKeyVaultSignatureProvider(
        keyId,
        JsonWebKeySignatureAlgorithm.RS256,
        vaultAuth.KeyVaultClientAuthenticationCallback);
}
/// <summary>
/// Signs the JWT's encoded header and payload with the cached Key Vault key and
/// returns the compact serialization (header.payload.signature).
/// </summary>
/// <param name="jwt">The token whose encoded header and payload are signed.</param>
/// <returns>The signed JWT in compact form.</returns>
protected override async Task<string> CreateJwtAsync(JwtSecurityToken jwt)
{
    var cacheEntry = await _keyVaultCache.GetKeyVaultCacheDataAsync();

    // The signing input is "<header>.<payload>"; the same string is reused for the returned
    // token so that the bytes that were signed are exactly the ones that are emitted.
    var signingInput = jwt.EncodedHeader + "." + jwt.EncodedPayload;
    var signingBytes = System.Text.Encoding.UTF8.GetBytes(signingInput);

    var keyId = cacheEntry.KeyIdentifier.Identifier;
    var vaultAuth = new AzureKeyVaultAuthentication(
        _keyVaultOptions.Value.ClientId,
        _keyVaultOptions.Value.ClientSecret);

    // The signature is always RS256, whatever "alg" the header declares.
    // NOTE(review): confirm the caller builds the header with alg=RS256; a mismatch would
    // produce tokens that verifiers reject.
    var signer = new AzureKeyVaultSignatureProvider(
        keyId,
        JsonWebKeySignatureAlgorithm.RS256,
        vaultAuth.KeyVaultClientAuthenticationCallback);

    // Sign is synchronous, so it is pushed to the thread pool.
    // NOTE(review): presumably it blocks on a Key Vault call — confirm.
    var encodedSignature = await Task.Run(() =>
    {
        var signatureBytes = signer.Sign(signingBytes);
        return Base64UrlEncoder.Encode(signatureBytes);
    }).ConfigureAwait(false);

    return signingInput + "." + encodedSignature;
}