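/// <summary>
/// Downloads the ACS JSON metadata document for <paramref name="realm"/> from the global
/// metadata endpoint and deserializes it.
/// </summary>
/// <param name="realm">Realm sent as the <c>realm</c> query-string parameter of the metadata request.</param>
/// <returns>The deserialized metadata document; never null.</returns>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="realm"/> is null.</exception>
/// <exception cref="InvalidOperationException">Thrown when the response body deserializes to null.</exception>
/// <exception cref="WebException">Propagated from the download when the endpoint cannot be reached.</exception>
private static JsonMetadataDocument GetMetadataDocument(string realm)
{
    if (realm == null)
    {
        throw new ArgumentNullException("realm");
    }

    // Escape the realm so that characters such as '&', '#' or '?' cannot add parameters to,
    // or truncate, the query string of the request.
    string acsMetadataEndpointUrlWithRealm = String.Format(
        CultureInfo.InvariantCulture,
        "{0}?realm={1}",
        GetAcsMetadataEndpointUrl(),
        Uri.EscapeDataString(realm));

    // NOTE(review): the downloaded document is trusted as received; confirm that
    // GetAcsMetadataEndpointUrl() yields an https URL so the transport protects its integrity.
    byte[] acsMetadata;
    using (WebClient webClient = new WebClient())
    {
        acsMetadata = webClient.DownloadData(acsMetadataEndpointUrlWithRealm);
    }

    string jsonResponseString = Encoding.UTF8.GetString(acsMetadata);
    JavaScriptSerializer serializer = new JavaScriptSerializer();
    JsonMetadataDocument document = serializer.Deserialize<JsonMetadataDocument>(jsonResponseString);

    // An empty or "null" body deserializes to null; callers rely on a non-null document.
    if (document == null)
    {
        throw new InvalidOperationException("No metadata document found at the global endpoint " + acsMetadataEndpointUrlWithRealm);
    }

    return document;
}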
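/// <summary>
/// Builds the JSON metadata document this service publishes: its identity, realm, issuer,
/// the signing certificate(s) that have not yet expired, and the metadata endpoint entry.
/// </summary>
/// <returns>A populated <see cref="JsonMetadataDocument"/>; never null.</returns>
private JsonMetadataDocument BuildJsonMetadataDocument()
{
    string serviceName = OAuthConfigHelper.GetServiceName();

    // Multi-tenant deployments publish the wildcard realm; otherwise the forest-wide organization realm is used.
    string realm;
    if (VariantConfiguration.InvariantNoFlightingSnapshot.Global.MultiTenancy.Enabled)
    {
        realm = "*";
    }
    else
    {
        realm = OAuthConfigHelper.GetOrganizationRealm(OrganizationId.ForestWideOrgId);
    }

    X509Certificate2 currentSigningKey = OAuthConfigHelper.GetCurrentSigningKey();

    // The previous signing key is optional (e.g. before the first rollover): a configuration
    // failure is traced and the document is built without it.
    X509Certificate2 previousSigningKey = null;
    try
    {
        previousSigningKey = OAuthConfigHelper.GetPreviousSigningKey();
    }
    catch (InvalidAuthConfigurationException arg)
    {
        this.Tracer.TraceDebug<InvalidAuthConfigurationException>((long)this.GetHashCode(), "[AuthMetadataBuilder.BuildJsonMetadataDocument] failed to get previous signing key with exception: {0}", arg);
    }

    JsonMetadataDocument jsonMetadataDocument = new JsonMetadataDocument();
    // A fresh id per build; "d" formats the GUID as 32 hex digits separated by hyphens.
    jsonMetadataDocument.id = string.Format(CultureInfo.InvariantCulture, "_{0}", Guid.NewGuid().ToString("d"));
    jsonMetadataDocument.version = AuthMetadataBuilder.Version;
    jsonMetadataDocument.name = AuthMetadataBuilder.ServiceShortName;
    jsonMetadataDocument.realm = realm;
    jsonMetadataDocument.serviceName = serviceName;
    jsonMetadataDocument.issuer = string.Format(CultureInfo.InvariantCulture, "{0}@{1}", serviceName, realm);
    // The service accepts tokens addressed to its own issuer string only.
    jsonMetadataDocument.allowedAudiences = new string[] { jsonMetadataDocument.issuer };

    // Publish only certificates that are still valid. X509Certificate2.NotAfter is reported in
    // local time, so it must be converted before being compared with UtcNow; the clock is read
    // once so both candidates are judged against the same instant.
    DateTime now = DateTime.UtcNow;
    List<JsonKey> keys = new List<JsonKey>();
    foreach (X509Certificate2 certificate in new X509Certificate2[] { currentSigningKey, previousSigningKey })
    {
        if (certificate == null || certificate.NotAfter.ToUniversalTime() <= now)
        {
            continue;
        }

        keys.Add(new JsonKey
        {
            usage = AuthMetadataConstants.KeyUsage,
            keyinfo = new JsonKeyInfo
            {
                // x5t: base64url-encoded certificate hash (thumbprint) used to identify the key.
                x5t = OAuthCommon.Base64UrlEncoder.EncodeBytes(certificate.GetCertHash())
            },
            keyvalue = new JsonKeyValue
            {
                type = AuthMetadataConstants.SigningKeyType,
                // Raw encoded certificate (public material only); no private key is exported here.
                value = Convert.ToBase64String(certificate.GetRawCertData())
            }
        });
    }
    // NOTE(review): if neither key is present or unexpired the document is published with an
    // empty key set, matching previous behavior — confirm that is intended rather than an error.
    jsonMetadataDocument.keys = keys.ToArray();

    jsonMetadataDocument.endpoints = new JsonEndpoint[]
    {
        new JsonEndpoint
        {
            // Location is intentionally left null here; presumably filled in by the caller — TODO confirm.
            location = null,
            protocol = AuthMetadataConstants.Protocol,
            usage = AuthMetadataConstants.MetadataEndpointUsage
        }
    };

    return jsonMetadataDocument;
}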