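/// <summary>
/// Builds a signed OpenID Connect Request Object: the request parameters are
/// collected into a claim set, serialized to JSON and signed as an RS256 JWS.
/// </summary>
/// <param name="iss">Client identifier; emitted as both the "iss" and the "client_id" claim.</param>
/// <param name="aud">Audience of the Request Object (URI of the ROS endpoint).</param>
/// <param name="response_type">"response_type" claim; always emitted.</param>
/// <param name="response_mode">"response_mode" claim; omitted when null or empty.</param>
/// <param name="redirect_uri">"redirect_uri" claim; omitted when null or empty.</param>
/// <param name="scopes">"scope" claim; always emitted.</param>
/// <param name="state">"state" claim; always emitted.</param>
/// <param name="nonce">"nonce" claim; omitted when null or empty.</param>
/// <param name="max_age">"max_age" claim; omitted when null or empty.</param>
/// <param name="prompt">"prompt" claim; omitted when null or empty.</param>
/// <param name="login_hint">"login_hint" claim; omitted when null or empty.</param>
/// <param name="claims">Source of the "claims" member (<see cref="ClaimsInRO.Claims"/>).</param>
/// <param name="rsaPrivateKey">RSA private key (RSAParameters) used to produce the RS256 signature.</param>
/// <returns>The Request Object as a signed JWS string.</returns>
/// <exception cref="ArgumentNullException"><paramref name="claims"/> is null.</exception>
public static string Create(
    string iss, string aud,
    string response_type, string response_mode, string redirect_uri,
    string scopes, string state, string nonce,
    string max_age, string prompt, string login_hint,
    ClaimsInRO claims, RSAParameters rsaPrivateKey)
{
    // Fail with a descriptive argument error rather than a NullReferenceException
    // when claims.Claims is dereferenced below.
    if (claims == null) { throw new ArgumentNullException(nameof(claims)); }

    #region Build the claim set
    Dictionary<string, object> requestObjectClaimSet = new Dictionary<string, object>();

    // Required members. The Request Object's issuer is the client, so the same
    // value is written to "iss" and "client_id".
    requestObjectClaimSet.Add(OAuth2AndOIDCConst.iss, iss);
    requestObjectClaimSet.Add(OAuth2AndOIDCConst.aud, aud); // URI of the ROS endpoint.
    requestObjectClaimSet.Add(OAuth2AndOIDCConst.response_type, response_type);
    requestObjectClaimSet.Add(OAuth2AndOIDCConst.client_id, iss);

    // Optional members are only emitted when a value was supplied.
    if (!string.IsNullOrEmpty(response_mode)) { requestObjectClaimSet.Add(OAuth2AndOIDCConst.response_mode, response_mode); }
    if (!string.IsNullOrEmpty(redirect_uri)) { requestObjectClaimSet.Add(OAuth2AndOIDCConst.redirect_uri, redirect_uri); }

    requestObjectClaimSet.Add(OAuth2AndOIDCConst.scope, scopes);
    requestObjectClaimSet.Add(OAuth2AndOIDCConst.state, state);

    if (!string.IsNullOrEmpty(nonce)) { requestObjectClaimSet.Add(OAuth2AndOIDCConst.nonce, nonce); }
    // NOTE(review): max_age is serialized as a string here, while the spec example
    // in this file shows it as an integer (86400) — confirm the OP accepts a string.
    if (!string.IsNullOrEmpty(max_age)) { requestObjectClaimSet.Add(OAuth2AndOIDCConst.max_age, max_age); }
    if (!string.IsNullOrEmpty(prompt)) { requestObjectClaimSet.Add(OAuth2AndOIDCConst.prompt, prompt); }
    if (!string.IsNullOrEmpty(login_hint)) { requestObjectClaimSet.Add(OAuth2AndOIDCConst.login_hint, login_hint); }

    requestObjectClaimSet.Add(OAuth2AndOIDCConst.claims, claims.Claims);

    string json = JsonConvert.SerializeObject(requestObjectClaimSet);
    #endregion

    #region Sign as JWT
    JWS_RS256_Param jwtRS256 = new JWS_RS256_Param(rsaPrivateKey);
    return jwtRS256.Create(json);
    #endregion
}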
// https://openid.net/specs/openid-connect-core-1_0.html#RequestObject
// {
//   "iss": "s6BhdRkqt3",
//   "aud": "https://server.example.com",
//   "response_type": "code id_token",
//   "client_id": "s6BhdRkqt3",
//   "redirect_uri": "https://client.example.org/cb",
//   "scope": "openid",
//   "state": "af0ifjsldkj",
//   "nonce": "n-0S6_WzA2Mj",
//   "max_age": 86400,
//   "claims": ... see : ClaimsInRO.cs
// }
// The following members are deliberately not part of this interface:
// - display       ... presentation format of the prompt
// - ui_locales    ... UI culture hint
// - id_token_hint ... a previously issued id_token (re-authentication)
#region Create
/// <summary>
/// Builds a signed OpenID Connect Request Object from a JWK-encoded RSA private key.
/// Convenience overload: converts the JWK to RSAParameters and delegates to the
/// RSAParameters-based <c>Create</c>.
/// </summary>
/// <param name="iss">Client identifier (also used as "client_id").</param>
/// <param name="aud">Audience of the Request Object.</param>
/// <param name="response_type">"response_type" claim.</param>
/// <param name="response_mode">"response_mode" claim (optional).</param>
/// <param name="redirect_uri">"redirect_uri" claim (optional).</param>
/// <param name="scopes">"scope" claim.</param>
/// <param name="state">"state" claim.</param>
/// <param name="nonce">"nonce" claim (optional).</param>
/// <param name="max_age">"max_age" claim (optional).</param>
/// <param name="prompt">"prompt" claim (optional).</param>
/// <param name="login_hint">"login_hint" claim (optional).</param>
/// <param name="claims">Source of the "claims" member.</param>
/// <param name="jwkPrivateKey">RSA private key in JWK (JSON) form; converted with <c>RsaPrivateKeyConverter.JwkToParam</c>.</param>
/// <returns>The Request Object as a signed JWS string.</returns>
public static string Create(
    string iss, string aud,
    string response_type, string response_mode, string redirect_uri,
    string scopes, string state, string nonce,
    string max_age, string prompt, string login_hint,
    ClaimsInRO claims, string jwkPrivateKey)
{
    // The signing overload expects RSAParameters, so convert the JWK first.
    var converter = new RsaPrivateKeyConverter();
    var rsaPrivateKey = converter.JwkToParam(jwkPrivateKey);

    return RequestObject.Create(
        iss, aud,
        response_type, response_mode, redirect_uri,
        scopes, state, nonce,
        max_age, prompt, login_hint,
        claims, rsaPrivateKey);
}