/// <summary>
/// Creates the host from its three collaborators, each of which is required.
/// </summary>
/// <param name="oAuthOptions">OAuth client settings kept for later token requests.</param>
/// <param name="configuration">Application configuration.</param>
/// <param name="dataProvider">Data provider used by the host.</param>
/// <exception cref="ArgumentNullException">Thrown when any argument is null.</exception>
public AppHost(OAuthOptions oAuthOptions, IConfiguration configuration, IDataProvider dataProvider)
{
    // Guards run in parameter order so the first missing dependency is the one reported.
    if (oAuthOptions is null)
    {
        throw new ArgumentNullException(nameof(oAuthOptions));
    }

    _oAuthOptions = oAuthOptions;

    if (configuration is null)
    {
        throw new ArgumentNullException(nameof(configuration));
    }

    _configuration = configuration;

    if (dataProvider is null)
    {
        throw new ArgumentNullException(nameof(dataProvider));
    }

    _dataProvider = dataProvider;
}
/// <summary>
/// Builds and signs the JWT that authenticates this client to the token endpoint.
/// </summary>
/// <param name="oAuthOptions">Supplies the client id (used as both <c>sub</c> and <c>iss</c>) and the token endpoint (used as <c>aud</c>).</param>
/// <param name="jwk">Key used to sign the assertion with RSA-SHA256.</param>
/// <returns>The signed assertion in compact serialized form.</returns>
private string CreateJwtClientAssertion(OAuthOptions oAuthOptions, Microsoft.IdentityModel.Tokens.JsonWebKey jwk)
{
    var handler = new JwtSecurityTokenHandler();

    // NOTE(review): 960 minutes is a 16-hour validity window. The assertion is a
    // credential in its own right: until it expires it can be presented again to the
    // token endpoint unless the server enforces jti uniqueness. A lifetime of a few
    // minutes is the usual choice - confirm what the authorization server accepts.
    var expiresAt = DateTime.UtcNow.AddMinutes(960);

    // NOTE(review): jwk must carry the private RSA parameters to sign; confirm it is
    // loaded from protected storage and never written to logs.
    var signingCredentials = new SigningCredentials(jwk, SecurityAlgorithms.RsaSha256Signature);

    var claims = new List<Claim>
    {
        new Claim("sub", oAuthOptions.ClientId.ToString()),
        new Claim("iss", oAuthOptions.ClientId.ToString()),
        // A fresh random id per assertion lets the server detect a replayed token.
        new Claim("jti", Guid.NewGuid().ToString()),
        // The audience is bound to the token endpoint, so the assertion is not valid elsewhere.
        new Claim("aud", oAuthOptions.TokenEndpoint.ToString())
    };

    var descriptor = new SecurityTokenDescriptor
    {
        Expires = expiresAt,
        SigningCredentials = signingCredentials,
        Subject = new ClaimsIdentity(claims)
    };

    var signedToken = handler.CreateJwtSecurityToken(descriptor);
    return handler.WriteToken(signedToken);
}
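/// <summary>
/// Requests an access token with the client_credentials grant, authenticating with a
/// signed JWT client assertion instead of a shared secret.
/// </summary>
/// <param name="oAuthOptions">Supplies the token endpoint, the scopes and the claims for the assertion.</param>
/// <param name="jsonWebKey">Key used to sign the client assertion.</param>
/// <returns>
/// A <c>ClientCredentialGrantResponse</c> when the endpoint answers with a success status,
/// otherwise an <c>ErrorResponse</c>. Callers must check the runtime type before use.
/// </returns>
private async Task<object> GetAccessTokenAsync(OAuthOptions oAuthOptions, Microsoft.IdentityModel.Tokens.JsonWebKey jsonWebKey)
{
    var clientAssertion = CreateJwtClientAssertion(oAuthOptions, jsonWebKey);

    // NOTE(review): a new HttpClient per call gives up connection reuse and can exhaust
    // sockets under load; a shared instance or IHttpClientFactory would need a
    // class-level change that is outside this method.
    using (var httpClient = new HttpClient())
    {
        var parameters = new Dictionary<string, string>
        {
            // FormUrlEncodedContent percent-encodes every value itself. Encoding the
            // assertion here as well would double-encode any escaped character and the
            // server would then fail signature validation, so the raw JWT is passed through.
            { "client_assertion", clientAssertion },
            { "client_assertion_type", ClientAssertionType },
            { "grant_type", "client_credentials" },
            { "scope", string.Join(SpaceSeparator, oAuthOptions.Scopes) }
        };

        // NOTE(review): the assertion sent and the token returned are both credentials;
        // confirm TokenEndpoint is restricted to https where OAuthOptions is loaded.
        using (var httpContent = new FormUrlEncodedContent(parameters))
        using (var httpResponse = await httpClient.PostAsync(oAuthOptions.TokenEndpoint, httpContent))
        {
            // The body is read once; on success it contains the access token, so it
            // should not be written to logs.
            var responseBody = await httpResponse.Content.ReadAsStringAsync();

            if (!httpResponse.IsSuccessStatusCode)
            {
                return JsonConvert.DeserializeObject<ErrorResponse>(responseBody);
            }

            return JsonConvert.DeserializeObject<ClientCredentialGrantResponse>(responseBody);
        }
    }
}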