/// <summary>
///
/// </summary>
/// <param name="clientId"></param>
/// <param name="tokenEndpoint"></param>
/// <param name="signingMethod">Indicate which method to use when signing the Jwt Token</param>
/// <param name="securityKey"></param>
/// <param name="securityAlgorithm"></param>
/// <param name="extraClaims">Additional claims to add to the jwt</param>
public static string Generate(string clientId,
string tokenEndpoint,
SigningMethod signingMethod,
SecurityKey securityKey,
string securityAlgorithm)
{
if (clientId.IsNullOrEmpty())
{
throw new ArgumentException("clientId can not be empty or null");
}
if (tokenEndpoint.IsNullOrEmpty())
{
throw new ArgumentException("The token endpoint address can not be empty or null");
}
if (securityKey == null)
{
throw new ArgumentException("The security key can not be null");
}
if (securityAlgorithm.IsNullOrEmpty())
{
throw new ArgumentException("The security algorithm can not be empty or null");
}
return(GenerateJwt(clientId, tokenEndpoint, null, signingMethod, securityKey, securityAlgorithm));
}
public static string Generate(string clientId,
string audience,
Dictionary <string, string> extraClaims,
TimeSpan jwtLifetime,
SigningMethod signingMethod,
X509SecurityKey securityKey,
string securityAlgorithm)
{
if (clientId.IsNullOrEmpty())
{
throw new ArgumentException("clientId can not be empty or null");
}
if (audience.IsNullOrEmpty())
{
throw new ArgumentException("The audience address can not be empty or null");
}
if (securityKey == null)
{
throw new ArgumentException("The security key can not be null");
}
if (securityAlgorithm.IsNullOrEmpty())
{
throw new ArgumentException("The security algorithm can not be empty or null");
}
var expiryDate = DateTime.Now.Add(jwtLifetime);
return(GenerateJwt(clientId, audience, expiryDate, signingMethod, securityKey, securityAlgorithm, extraClaims));
}
/// <summary>
///
/// </summary>
/// <param name="clientId"></param>
/// <param name="audience"></param>
/// <param name="signingMethod">Indicate which method to use when signing the Jwt Token</param>
/// <param name="securityKey"></param>
/// <param name="securityAlgorithm"></param>
/// <param name="extraClaims">Additional claims to add to the jwt</param>
public static string Generate(string clientId,
string audience,
SigningMethod signingMethod,
SecurityKey securityKey,
string securityAlgorithm)
{
return(GenerateJwt(clientId, audience, null, signingMethod, securityKey, securityAlgorithm));
}
private void createAuthorization()
{
AuthorizationHeader.Add("oauth_consumer_key", RequestTokens.ConsumerKey);
AuthorizationHeader.Add("oauth_nonce", new NonceGenerator().Generate());
AuthorizationHeader.Add("oauth_signature_method", SigningMethod.GetDescription());
AuthorizationHeader.Add("oauth_timestamp", new TimestampGenerator().Generate());
if (!String.IsNullOrEmpty(RequestTokens.AccessToken))
{
AuthorizationHeader.Add("oauth_token", RequestTokens.AccessToken);
}
AuthorizationHeader.Add("oauth_version", OAuthVersion);
}
public static string Generate(string clientId,
string audience,
Dictionary <string, string> extraClaims,
TimeSpan jwtLifetime,
SigningMethod signingMethod,
SecurityKey securityKey,
string securityAlgorithm)
{
var expiryDate = DateTime.Now.Add(jwtLifetime);
return(GenerateJwt(clientId, audience, expiryDate, signingMethod, securityKey, securityAlgorithm, extraClaims));
}
private static string GenerateJwt(string clientId, string audience, DateTime?expiryDate,
SigningMethod signingMethod, SecurityKey securityKey)
{
var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.RsaSha512);
var jwt = CreateJwtSecurityToken(clientId, audience, expiryDate, signingCredentials);
if (signingMethod == SigningMethod.X509EnterpriseSecurityKey)
{
UpdateJwtHeader(securityKey, jwt);
}
var tokenHandler = new JwtSecurityTokenHandler();
return(tokenHandler.WriteToken(jwt));
}
/// <summary>
/// Generates a new JWT
/// </summary>
/// <param name="clientId">The OAuth/OIDC client ID</param>
/// <param name="audience">The Authorization Server (STS)</param>
/// <param name="expiryDate">If value is null, the default expiry date is used (10 hrs)</param>
/// <param name="signingMethod"></param>
/// <param name="securityKey"></param>
/// <param name="securityAlgorithm"></param>
/// <param name="extraClaims">Additional claims to add to the jwt</param>
/// <returns></returns>
private static string GenerateJwt(string clientId, string audience, DateTime?expiryDate, SigningMethod signingMethod, SecurityKey securityKey, string securityAlgorithm, Dictionary <string, string> extraClaims = null)
{
var signingCredentials = new SigningCredentials(securityKey, securityAlgorithm);
var jwt = CreateJwtSecurityToken(clientId, audience + "", expiryDate, signingCredentials, extraClaims);
if (signingMethod == SigningMethod.X509EnterpriseSecurityKey)
{
UpdateJwtHeader(securityKey, jwt);
}
var tokenHandler = new JwtSecurityTokenHandler();
return(tokenHandler.WriteToken(jwt));
}
