private HttpResponseMessage CreateTokenResponse(GenericXmlSecurityToken token, string scope) { var response = new TokenResponse(); if (ConfigurationRepository.AdfsIntegration.PassThruAuthenticationToken) { response.AccessToken = token.TokenXml.OuterXml; response.ExpiresIn = (int)(token.ValidTo.Subtract(DateTime.UtcNow).TotalSeconds); } else { var bridge = new AdfsBridge(ConfigurationRepository); if (ConfigurationRepository.Keys.DecryptionCertificate != null) { var configuration = new SecurityTokenHandlerConfiguration { AudienceRestriction = { AudienceMode = AudienceUriMode.Never }, CertificateValidationMode = X509CertificateValidationMode.None, RevocationMode = X509RevocationMode.NoCheck, CertificateValidator = X509CertificateValidator.None, ServiceTokenResolver = SecurityTokenResolver.CreateDefaultSecurityTokenResolver( new ReadOnlyCollection <SecurityToken>(new SecurityToken[] { new X509SecurityToken(ConfigurationRepository.Keys.DecryptionCertificate) }), false) }; var handler = SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection(configuration); response = bridge.ConvertSamlToJwt(token.ToSecurityToken(handler), scope); } else { response = bridge.ConvertSamlToJwt(token.ToSecurityToken(), scope); } } return(Request.CreateResponse <TokenResponse>(HttpStatusCode.OK, response)); }
private HttpResponseMessage CreateTokenResponse(GenericXmlSecurityToken token, string scope) { var response = new TokenResponse(); if (ConfigurationRepository.AdfsIntegration.PassThruAuthenticationToken) { response.AccessToken = token.TokenXml.OuterXml; response.ExpiresIn = (int)(token.ValidTo.Subtract(DateTime.UtcNow).TotalSeconds); } else { var bridge = new AdfsBridge(ConfigurationRepository); response = bridge.ConvertSamlToJwt(token.ToSecurityToken(), scope); } return(Request.CreateResponse <TokenResponse>(HttpStatusCode.OK, response)); }
private HttpResponseMessage CreateTokenResponse(GenericXmlSecurityToken token, string scope) { var response = new TokenResponse(); if (ConfigurationRepository.AdfsIntegration.PassThruAuthenticationToken) { response.AccessToken = token.TokenXml.OuterXml; response.ExpiresIn = (int)(token.ValidTo.Subtract(DateTime.UtcNow).TotalSeconds); } else { var bridge = new AdfsBridge(ConfigurationRepository); response = bridge.ConvertSamlToJwt(token.ToSecurityToken(), scope); } return Request.CreateResponse<TokenResponse>(HttpStatusCode.OK, response); }
private HttpResponseMessage CreateTokenResponse(GenericXmlSecurityToken token, string scope) { var response = new TokenResponse(); if (ConfigurationRepository.AdfsIntegration.PassThruAuthenticationToken) { response.AccessToken = token.TokenXml.OuterXml; response.ExpiresIn = (int)(token.ValidTo.Subtract(DateTime.UtcNow).TotalSeconds); } else { var bridge = new AdfsBridge(ConfigurationRepository); if (ConfigurationRepository.Keys.DecryptionCertificate != null) { var configuration = new SecurityTokenHandlerConfiguration { AudienceRestriction = { AudienceMode = AudienceUriMode.Never }, CertificateValidationMode = X509CertificateValidationMode.None, RevocationMode = X509RevocationMode.NoCheck, CertificateValidator = X509CertificateValidator.None, ServiceTokenResolver = SecurityTokenResolver.CreateDefaultSecurityTokenResolver( new ReadOnlyCollection<SecurityToken>(new SecurityToken[] { new X509SecurityToken(ConfigurationRepository.Keys.DecryptionCertificate) }), false) }; var handler = SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection(configuration); response = bridge.ConvertSamlToJwt(token.ToSecurityToken(handler), scope); } else { response = bridge.ConvertSamlToJwt(token.ToSecurityToken(), scope); } } return Request.CreateResponse<TokenResponse>(HttpStatusCode.OK, response); }