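/// <summary>
/// Fetches the metadata document at <paramref name="metadataAddress"/> and extracts its
/// 'issuer' and 'jwks_uri' values.
/// </summary>
/// <param name="documentRetriever">Retriever used to download the document.</param>
/// <param name="metadataAddress">Address the metadata document is downloaded from.</param>
/// <param name="validateIssuer">
/// When <c>true</c>, the issuer advertised by the document must be a path-aligned prefix of
/// <paramref name="metadataAddress"/>.
/// </param>
/// <returns>The issuer and the JWKS address, in that order.</returns>
/// <exception cref="InvalidOperationException">
/// The document is not a JSON object, lacks 'issuer' or 'jwks_uri', or fails the issuer check.
/// </exception>
private static (string, string) GetMetadataConfiguration(HttpDocumentRetriever documentRetriever, string metadataAddress, bool validateIssuer)
{
    string? issuer = null;
    string? jwksUri = null;

    // The retrieval is synchronous and is given CancellationToken.None, so it cannot be cancelled from here.
    var config = documentRetriever.GetDocument(metadataAddress, CancellationToken.None);
    var reader = new Utf8JsonReader(config);
    if (!reader.Read() || reader.TokenType != JsonTokenType.StartObject)
    {
        throw new InvalidOperationException($"Invalid JSON document at '{metadataAddress}'.");
    }

    // Walk the top-level members only; stop as soon as both values have been seen.
    while (reader.Read() && reader.TokenType == JsonTokenType.PropertyName)
    {
        if (reader.ValueTextEquals(IssuerName))
        {
            reader.Read();
            issuer = reader.GetString();
            if (jwksUri != null)
            {
                break;
            }
        }
        else if (reader.ValueTextEquals(JwksUriName))
        {
            reader.Read();
            jwksUri = reader.GetString();
            if (issuer != null)
            {
                break;
            }
        }
        else
        {
            JsonParser.ConsumeJsonMember(ref reader);
        }
    }

    // NOTE(review): 'jwks_uri' is returned exactly as the document states it. Nothing here
    // restricts its scheme or host; confirm the retriever enforces that (e.g. HTTPS only).
    if (jwksUri is null)
    {
        throw new InvalidOperationException($"Invalid JSON document at '{metadataAddress}'. No 'jwks_uri' claim found.");
    }

    if (issuer is null)
    {
        throw new InvalidOperationException($"Invalid JSON document at '{metadataAddress}'. No 'issuer' claim found.");
    }

    if (validateIssuer)
    {
        // Still a heuristic: the expected issuer is not available here, so the advertised
        // issuer can only be compared with the address the document was fetched from.
        // - Ordinal comparison: the culture-sensitive default ignores some characters, and an
        //   identifier must match byte for byte.
        // - Non-empty: every string starts with the empty string.
        // - Path boundary: without it "https://idp.example" would be accepted for a document
        //   fetched from "https://idp.example.other/..." (constructed sample values).
        bool isPrefix = issuer.Length != 0 && metadataAddress.StartsWith(issuer, StringComparison.Ordinal);
        bool isAligned = isPrefix
            && (metadataAddress.Length == issuer.Length
                || issuer[issuer.Length - 1] == '/'
                || metadataAddress[issuer.Length] == '/');
        if (!isAligned)
        {
            throw new InvalidOperationException($"The 'issuer' claim in the document '{metadataAddress}' is invalid.");
        }
    }

    return (issuer, jwksUri);
}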
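/// <summary>Initializes a new instance of <see cref="JwksHttpKeyProvider"/>.</summary>
/// <param name="metadataConfiguration">
/// Value handed to <c>GetMetadataConfiguration</c>; presumably the address of the metadata document (confirm against that method).
/// </param>
/// <param name="documentRetriever">The <see cref="HttpDocumentRetriever"/> stored by this instance.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="metadataConfiguration"/> or <paramref name="documentRetriever"/> is <c>null</c>.
/// </exception>
public JwksHttpKeyProvider(string metadataConfiguration, HttpDocumentRetriever documentRetriever)
{
    if (metadataConfiguration is null)
    {
        throw new ArgumentNullException(nameof(metadataConfiguration));
    }

    if (documentRetriever is null)
    {
        throw new ArgumentNullException(nameof(documentRetriever));
    }

    // The guard above already rejected null, so the former "?? throw" on this assignment was unreachable.
    _documentRetriever = documentRetriever;

    // NOTE(review): both the issuer and the JWKS address come from GetMetadataConfiguration.
    // Whether the issuer is validated on this path is decided inside that overload, which is
    // not visible here - confirm before relying on _issuer for token validation.
    (_issuer, _jwksAddress) = GetMetadataConfiguration(DocumentRetriever, metadataConfiguration);
}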
/// <summary>
/// Downloads the discovery document at <paramref name="address"/> with <paramref name="retriever"/>
/// and parses it into an <see cref="OpenIdConnectConfiguration"/>.
/// </summary>
/// <remarks>
/// The address is not passed to the parser, so nothing here compares the issuer in the returned
/// configuration with <paramref name="address"/>; callers that depend on the issuer should check it themselves.
/// </remarks>
/// <param name="address">Address of the discovery document.</param>
/// <param name="retriever">The <see cref="HttpDocumentRetriever"/> used to read the discovery document.</param>
/// <param name="cancellationToken">Token forwarded to the document retrieval.</param>
/// <returns>The configuration parsed from the retrieved document.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="address"/> is <c>null</c> or empty, or <paramref name="retriever"/> is <c>null</c>.
/// </exception>
public static OpenIdConnectConfiguration Get(string address, HttpDocumentRetriever retriever, CancellationToken cancellationToken)
{
    // Arguments are checked in declaration order: address first, then retriever.
    if (string.IsNullOrEmpty(address))
    {
        throw new ArgumentNullException(nameof(address));
    }

    if (retriever == null)
    {
        throw new ArgumentNullException(nameof(retriever));
    }

    return OpenIdConnectConfiguration.FromJson(retriever.GetDocument(address, cancellationToken));
}
/// <summary>
/// Initializes a new instance of <see cref="X5uKeyProvider"/>.
/// </summary>
/// <param name="documentRetriever">The <see cref="HttpDocumentRetriever"/> passed unchanged to the base constructor.</param>
public X5uKeyProvider(HttpDocumentRetriever documentRetriever) : base(documentRetriever) { }
/// <summary>
/// Initializes a new instance of <see cref="HttpKeyProvider"/>.
/// </summary>
/// <param name="documentRetriever">The <see cref="HttpDocumentRetriever"/> stored by this instance.</param>
/// <exception cref="ArgumentNullException"><paramref name="documentRetriever"/> is <c>null</c>.</exception>
protected HttpKeyProvider(HttpDocumentRetriever documentRetriever)
{
    if (documentRetriever is null)
    {
        throw new ArgumentNullException(nameof(documentRetriever));
    }

    _documentRetriever = documentRetriever;
}
/// <summary>
/// Initializes a new instance of <see cref="JwksKeyProvider"/>.
/// </summary>
/// <param name="jwksAddress">The JWKS address stored by this instance.</param>
/// <param name="documentRetriever">The <see cref="HttpDocumentRetriever"/> passed to the base constructor.</param>
/// <exception cref="System.ArgumentNullException"><paramref name="jwksAddress"/> is <c>null</c>.</exception>
public JwksKeyProvider(string jwksAddress, HttpDocumentRetriever documentRetriever)
    : base(documentRetriever)
{
    // The base constructor has already run with documentRetriever by the time this guard executes.
    if (jwksAddress is null)
    {
        throw new System.ArgumentNullException(nameof(jwksAddress));
    }

    _jwksAddress = jwksAddress;
}
/// <summary>Initializes a new instance of <see cref="JwksHttpKeyProvider"/>.</summary>
/// <param name="issuer">The issuer stored by this instance.</param>
/// <param name="jwksAddress">The JWKS address stored by this instance.</param>
/// <param name="documentRetriever">The <see cref="HttpDocumentRetriever"/> stored by this instance.</param>
/// <exception cref="ArgumentNullException">Any argument is <c>null</c>.</exception>
public JwksHttpKeyProvider(string issuer, string jwksAddress, HttpDocumentRetriever documentRetriever)
{
    // Guards run in the same order as the original assignments: issuer, documentRetriever, jwksAddress.
    if (issuer is null)
    {
        throw new ArgumentNullException(nameof(issuer));
    }

    if (documentRetriever is null)
    {
        throw new ArgumentNullException(nameof(documentRetriever));
    }

    if (jwksAddress is null)
    {
        throw new ArgumentNullException(nameof(jwksAddress));
    }

    // Both values are supplied by the caller and stored as given; nothing is fetched or validated here.
    _issuer = issuer;
    _documentRetriever = documentRetriever;
    _jwksAddress = jwksAddress;
}
/// <summary>
/// Instance-level entry point that forwards its arguments unchanged to <c>Get</c>.
/// </summary>
/// <param name="address">Address passed to <c>Get</c>.</param>
/// <param name="retriever">The <see cref="HttpDocumentRetriever"/> passed to <c>Get</c>.</param>
/// <param name="cancellationToken">Token passed to <c>Get</c>.</param>
/// <returns>Whatever <c>Get</c> returns for the same arguments.</returns>
public OpenIdConnectConfiguration GetConfiguration(string address, HttpDocumentRetriever retriever, CancellationToken cancellationToken)
    => Get(address, retriever, cancellationToken);