public void Find_ReturnsNotFoundWhenCertificateDoesNotExist()
        {
            var sut = new CertificateFinder();
            var result = sut.Find(X509FindType.FindByThumbprint, "somethingthatdoesnotexist");

            Assert.False(result.Found);
        }
        public void Find_ReturnsNotFoundWhenCertificateDoesNotExist()
        {
            var sut    = new CertificateFinder();
            var result = sut.Find(X509FindType.FindByThumbprint, "somethingthatdoesnotexist");

            Assert.False(result.Found);
        }
        public void Find_FindsAStoredCertificateByThumbprint()
        {
            var certificate = CreateCertificateIn(StoreName.My, StoreLocation.CurrentUser);
            var sut = new CertificateFinder();

            var result = sut.Find(X509FindType.FindByThumbprint, certificate.Thumbprint);

            Assert.True(result.Found);
        }
        public void Find_FindsAStoredCertificateByThumbprint()
        {
            var certificate = CreateCertificateIn(StoreName.My, StoreLocation.CurrentUser);
            var sut         = new CertificateFinder();

            var result = sut.Find(X509FindType.FindByThumbprint, certificate.Thumbprint);

            Assert.True(result.Found);
        }
Пример #5
0
        public static S2SAuthClient CreateWithCertificateByName(long clientSiteId, string clientCertificateName, Uri msaAuthenticationUrl, IWebClient webClient = null)
        {
            if (string.IsNullOrEmpty(clientCertificateName))
            {
                throw new ArgumentException("Client certificate name cannot be null");
            }
            X509Certificate2 certificate = CertificateFinder.FindCertificateByName(clientCertificateName, true, true);

            return(S2SAuthClient.Create(clientSiteId, certificate, msaAuthenticationUrl, webClient));
        }
Пример #6
0
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

            services.AddHttpClient("Server", client => { client.BaseAddress = new Uri(ServerUrl); });

            services.AddHttpClient("ServerWithCertificate", client => { client.BaseAddress = new Uri(ServerUrl); })
            .AddClientCertificate(provider =>
            {
                var certSubject1 = Configuration["ServerCertificateSubject"];
                return(CertificateFinder.FindBySubject(certSubject1));
            });
        }
        /// <inheritdoc/>
        public async Task <string?> RequestTokenAsync()
        {
            this.logger?.LogInformation("Requesting token from identity provider.");

            if (this.confidentialClientApplication == null)
            {
                ValidationResult validationResult = this.aadAppConfiguration.ValidationResult();
                if (!validationResult.Success)
                {
                    throw new ArgumentException(validationResult.Message);
                }

                if (!string.IsNullOrEmpty(this.aadAppConfiguration.CertificateSubjectName))
                {
                    this.confidentialClientApplication = ConfidentialClientApplicationBuilder.Create(this.aadAppConfiguration.ClientId)
                                                         .WithCertificate(CertificateFinder.FindBySubjectName(this.aadAppConfiguration.CertificateSubjectName, DateTime.UtcNow))
                                                         .WithAuthority(AzureCloudInstance.AzurePublic, this.aadAppConfiguration.TenantId)
                                                         .Build();
                }
                else
                {
                    this.confidentialClientApplication = ConfidentialClientApplicationBuilder.Create(this.aadAppConfiguration.ClientId)
                                                         .WithClientSecret(this.aadAppConfiguration.ClientSecret)
                                                         .WithAuthority(AzureCloudInstance.AzurePublic, this.aadAppConfiguration.TenantId)
                                                         .Build();
                }
            }

            AuthenticationResult?result;

            try
            {
                result = await this.confidentialClientApplication.AcquireTokenForClient(this.aadAppConfiguration.Scopes)
                         .ExecuteAsync();

                this.logger?.LogInformation("Token requested successfully.");
                this.logger?.LogDebug($"Access token: {result.AccessToken}");
                this.logger?.LogDebug($"Expires on  : {result.ExpiresOn}");
                this.logger?.LogDebug($"Scopes      : {string.Join(";", result.Scopes)}");
            }
            catch (MsalException e)
            {
                this.logger?.LogError(e, "Requesting token failed");
                throw;
            }

            return(result.AccessToken);
        }
Пример #8
0
        private void AttachIdentityServer(IAppBuilder app)
        {
            app.Map(
                "/identity",
                idapp =>
            {
                var factory = CustomIdentityServerFactoryFactory.Create();
                CustomIdentityServerFactoryFactory.ReConfigureForCustomUsers(factory, MemebersConnName);

                var options = new IdentityServerOptions()
                {
                    SigningCertificate = CertificateFinder.GetDefault(),
                    Factory            = factory,
                    SiteName           = "PoC Identity",
                    IssuerUri          = "https://localhost:44333/identity",
                    CorsPolicy         = CorsPolicy.AllowAll
                };

                idapp.UseIdentityServer(options);
            });
        }
Пример #9
0
        private void button1_Click(object sender, EventArgs e)
        {
            var certs = CertificateFinder.GetCertificateLocations();

            certificate = CertificateSelecter.ShowSelectionDialog(certs, out string password);
            if (certificate == null)
            {
                MessageBox.Show("선택되지 않음", "오류", MessageBoxButtons.OK, MessageBoxIcon.Error);
                return;
            }
            try
            {
                certificate.PrivateKeyInfo = CertificateLoader.DecryptPrivateKey(certificate, password);
            }
            catch (LibNPKI.Exceptions.IncorretPasswordException)
            {
                MessageBox.Show("잘못된 비밀번호입니다.", "오류", MessageBoxButtons.OK, MessageBoxIcon.Error);
                certificate = null;
                return;
            }
            groupBox1.Visible = true;
            groupBox1.Enabled = true;
        }
 public IConfidentialClientApplication CreateConfidentialClientApplication(string certificateSubjectName) =>
 ConfidentialClientApplicationBuilder
 .Create(ClientId)
 .WithCertificate(CertificateFinder.FindBySubjectName(certificateSubjectName, DateTime.UtcNow))
 .WithAuthority(AzureCloudInstance.AzurePublic, TenantId)
 .Build();