public static TokenVerificationKey AsTokenVerificationKey(this JsonWebKey jwk)
{
X509Certificate2 cert = null;
X509CertTokenVerificationKey key = null;
if (jwk.X5c != null && jwk.X5c.Count > 0)
{
cert = new X509Certificate2(Convert.FromBase64String(jwk.X5c.First()));
key = new X509CertTokenVerificationKey(cert);
return key;
}
if (!String.IsNullOrEmpty(jwk.N) && !String.IsNullOrEmpty(jwk.E))
{
RsaTokenVerificationKey rsaToken = new RsaTokenVerificationKey();
RSAParameters rsaParams = new RSAParameters()
{
Modulus = EncodeUtilities.Base64UrlDecode(jwk.N),
Exponent = EncodeUtilities.Base64UrlDecode(jwk.E)
};
rsaToken.InitFromRsaParameters(rsaParams);
return rsaToken;
}
throw new NotSupportedException(StringTable.NotSupportedJwkToTokenVerificationKeyConversion);
}
public void FetchKeyWithRSATokenValidationKeyAsPrimaryVerificationKey()
{
//Create a new RSACryptoServiceProvider object.
using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider())
{
//Export the key information to an RSAParameters object.
//Pass false to export the public key information or pass
//true to export public and private key information.
RSAParameters RSAParams = RSA.ExportParameters(true);
TokenRestrictionTemplate tokenRestrictionTemplate = new TokenRestrictionTemplate(TokenType.JWT);
var tokenVerificationKey = new RsaTokenVerificationKey();
tokenVerificationKey.InitFromRsaParameters(RSAParams);
tokenRestrictionTemplate.PrimaryVerificationKey = tokenVerificationKey;
tokenRestrictionTemplate.Audience = "http://sampleIssuerUrl";
tokenRestrictionTemplate.Issuer = "http://sampleAudience";
string requirements = TokenRestrictionTemplateSerializer.Serialize(tokenRestrictionTemplate);
}
}
