public void Find_ReturnsNotFoundWhenCertificateDoesNotExist()
{
var sut = new CertificateFinder();
var result = sut.Find(X509FindType.FindByThumbprint, "somethingthatdoesnotexist");
Assert.False(result.Found);
}
public void Find_ReturnsNotFoundWhenCertificateDoesNotExist()
{
var sut = new CertificateFinder();
var result = sut.Find(X509FindType.FindByThumbprint, "somethingthatdoesnotexist");
Assert.False(result.Found);
}
public void Find_FindsAStoredCertificateByThumbprint()
{
var certificate = CreateCertificateIn(StoreName.My, StoreLocation.CurrentUser);
var sut = new CertificateFinder();
var result = sut.Find(X509FindType.FindByThumbprint, certificate.Thumbprint);
Assert.True(result.Found);
}
public void Find_FindsAStoredCertificateByThumbprint()
{
var certificate = CreateCertificateIn(StoreName.My, StoreLocation.CurrentUser);
var sut = new CertificateFinder();
var result = sut.Find(X509FindType.FindByThumbprint, certificate.Thumbprint);
Assert.True(result.Found);
}
public static S2SAuthClient CreateWithCertificateByName(long clientSiteId, string clientCertificateName, Uri msaAuthenticationUrl, IWebClient webClient = null)
{
if (string.IsNullOrEmpty(clientCertificateName))
{
throw new ArgumentException("Client certificate name cannot be null");
}
X509Certificate2 certificate = CertificateFinder.FindCertificateByName(clientCertificateName, true, true);
return(S2SAuthClient.Create(clientSiteId, certificate, msaAuthenticationUrl, webClient));
}
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
services.AddHttpClient("Server", client => { client.BaseAddress = new Uri(ServerUrl); });
services.AddHttpClient("ServerWithCertificate", client => { client.BaseAddress = new Uri(ServerUrl); })
.AddClientCertificate(provider =>
{
var certSubject1 = Configuration["ServerCertificateSubject"];
return(CertificateFinder.FindBySubject(certSubject1));
});
}
/// <inheritdoc/>
public async Task <string?> RequestTokenAsync()
{
this.logger?.LogInformation("Requesting token from identity provider.");
if (this.confidentialClientApplication == null)
{
ValidationResult validationResult = this.aadAppConfiguration.ValidationResult();
if (!validationResult.Success)
{
throw new ArgumentException(validationResult.Message);
}
if (!string.IsNullOrEmpty(this.aadAppConfiguration.CertificateSubjectName))
{
this.confidentialClientApplication = ConfidentialClientApplicationBuilder.Create(this.aadAppConfiguration.ClientId)
.WithCertificate(CertificateFinder.FindBySubjectName(this.aadAppConfiguration.CertificateSubjectName, DateTime.UtcNow))
.WithAuthority(AzureCloudInstance.AzurePublic, this.aadAppConfiguration.TenantId)
.Build();
}
else
{
this.confidentialClientApplication = ConfidentialClientApplicationBuilder.Create(this.aadAppConfiguration.ClientId)
.WithClientSecret(this.aadAppConfiguration.ClientSecret)
.WithAuthority(AzureCloudInstance.AzurePublic, this.aadAppConfiguration.TenantId)
.Build();
}
}
AuthenticationResult?result;
try
{
result = await this.confidentialClientApplication.AcquireTokenForClient(this.aadAppConfiguration.Scopes)
.ExecuteAsync();
this.logger?.LogInformation("Token requested successfully.");
this.logger?.LogDebug($"Access token: {result.AccessToken}");
this.logger?.LogDebug($"Expires on : {result.ExpiresOn}");
this.logger?.LogDebug($"Scopes : {string.Join(";", result.Scopes)}");
}
catch (MsalException e)
{
this.logger?.LogError(e, "Requesting token failed");
throw;
}
return(result.AccessToken);
}
private void AttachIdentityServer(IAppBuilder app)
{
app.Map(
"/identity",
idapp =>
{
var factory = CustomIdentityServerFactoryFactory.Create();
CustomIdentityServerFactoryFactory.ReConfigureForCustomUsers(factory, MemebersConnName);
var options = new IdentityServerOptions()
{
SigningCertificate = CertificateFinder.GetDefault(),
Factory = factory,
SiteName = "PoC Identity",
IssuerUri = "https://localhost:44333/identity",
CorsPolicy = CorsPolicy.AllowAll
};
idapp.UseIdentityServer(options);
});
}
private void button1_Click(object sender, EventArgs e)
{
var certs = CertificateFinder.GetCertificateLocations();
certificate = CertificateSelecter.ShowSelectionDialog(certs, out string password);
if (certificate == null)
{
MessageBox.Show("선택되지 않음", "오류", MessageBoxButtons.OK, MessageBoxIcon.Error);
return;
}
try
{
certificate.PrivateKeyInfo = CertificateLoader.DecryptPrivateKey(certificate, password);
}
catch (LibNPKI.Exceptions.IncorretPasswordException)
{
MessageBox.Show("잘못된 비밀번호입니다.", "오류", MessageBoxButtons.OK, MessageBoxIcon.Error);
certificate = null;
return;
}
groupBox1.Visible = true;
groupBox1.Enabled = true;
}
public IConfidentialClientApplication CreateConfidentialClientApplication(string certificateSubjectName) => ConfidentialClientApplicationBuilder .Create(ClientId) .WithCertificate(CertificateFinder.FindBySubjectName(certificateSubjectName, DateTime.UtcNow)) .WithAuthority(AzureCloudInstance.AzurePublic, TenantId) .Build();
