private static string DecodeToken(MaskinportenToken token, X509Certificate2 pubprivCertificate)
{
var serializer = new JsonNetSerializer();
var provider = new UtcDateTimeProvider();
var jwtDecoder = new JwtDecoder(serializer, new JwtValidator(serializer, provider), new JwtBase64UrlEncoder(), new RS256Algorithm(pubprivCertificate));
var decodedToken = jwtDecoder.Decode(token.Token);
Console.Out.WriteLine($"Decoded token {decodedToken}");
return(decodedToken);
}
private static async Task <MaskinportenToken> GetMaskinportenToken(X509Certificate2 x509Certificate2)
{
MaskinportenClientConfiguration maskinportenConfig = new MaskinportenClientConfiguration(
audience: @"https://oidc-ver2.difi.no/idporten-oidc-provider/", // ID-porten audience path
tokenEndpoint: @"https://oidc-ver2.difi.no/idporten-oidc-provider/token", // ID-porten token path
issuer: @"<Integrasjonens identifikator>", // Integrasjonens identifikator fra difi Integrasjon i selvbetjeningsportal
numberOfSecondsLeftBeforeExpire: 10, // The token will be refreshed 10 seconds before it expires
certificate: x509Certificate2); // Virksomhetssertifikat as a X509Certificate2
MaskinportenClient maskinportenClient = new MaskinportenClient(maskinportenConfig);
String scope = "ks:fiks"; // Scope for access token
MaskinportenToken accessToken = await maskinportenClient.GetAccessToken(scope);
return(accessToken);
}
public static async Task <IActionResult> Run(
[HttpTrigger(AuthorizationLevel.Function, "get", "post", Route = null)] HttpRequest req, ILogger log)
{
log.LogInformation("C# HTTP trigger function processed a request.");
X509Certificate2 x509Certificate2 = await GetX509Certificate2();
log.LogInformation("Hentet certificate med privatekey: " + x509Certificate2.GetRSAPrivateKey().ToString());
MaskinportenToken token = await GetMaskinportenToken(x509Certificate2);
log.LogInformation("Hentet token: " + token.ToString());
log.LogInformation("Returner token - function ferdig");
return(new OkObjectResult(token));
}
