public static IIdentityServerBuilder AddSigningCredentialAndValidationKeys(this IIdentityServerBuilder identityServerBuilder,
SigningCertificateSettings certificateSettings, ICertificateService certificateService, ILogger logger)
{
if (certificateSettings.UseTemporarySigningCredential)
{
logger.Information("Using temporary signing credential - this is not recommended for production");
identityServerBuilder.AddDeveloperSigningCredential();
return(identityServerBuilder);
}
var isLinux = RuntimeInformation.IsOSPlatform(OSPlatform.Linux);
identityServerBuilder.AddSigningCredential(certificateService.GetSigningCertificate(certificateSettings));
if (HasSecondarySigningKeys(certificateSettings, isLinux))
{
identityServerBuilder.AddValidationKeys(
new X509SecurityKey(certificateService.GetSigningCertificate(certificateSettings, isPrimary: false)));
}
return(identityServerBuilder);
}
