public static TokenResult GetTestToken(IAsset MyAsset, CloudMediaContext _context, ContentKeyType?keytype = null, SigningCredentials signingcredentials = null, string optionid = null, bool displayUI = false)
{
TokenResult MyResult = new TokenResult();
/// WITH UI
if (displayUI)
{
CreateTestToken form = new CreateTestToken(MyAsset, _context, keytype, optionid)
{
StartDate = DateTime.Now.AddMinutes(-5), EndDate = DateTime.Now.AddMinutes(Properties.Settings.Default.DefaultTokenDuration)
};
if (form.ShowDialog() == DialogResult.OK)
{
if (form.GetOption != null)
{
string tokenTemplateString = form.GetOption.Restrictions.FirstOrDefault().Requirements;
if (!string.IsNullOrEmpty(tokenTemplateString))
{
Guid rawkey = EncryptionUtils.GetKeyIdAsGuid(form.GetContentKeyFromSelectedOption.Id);
TokenRestrictionTemplate tokenTemplate = TokenRestrictionTemplateSerializer.Deserialize(tokenTemplateString);
if (tokenTemplate.OpenIdConnectDiscoveryDocument == null)
{
MyResult.TokenType = tokenTemplate.TokenType;
MyResult.IsTokenKeySymmetric = (tokenTemplate.PrimaryVerificationKey.GetType() == typeof(SymmetricVerificationKey));
MyResult.ContentKeyType = form.GetContentKeyFromSelectedOption.ContentKeyType;
if (tokenTemplate.TokenType == TokenType.SWT) //SWT
{
MyResult.TokenString = TokenRestrictionTemplateSerializer.GenerateTestToken(tokenTemplate, null, rawkey, form.EndDate);
}
else // JWT
{
IList <Claim> myclaims = null;
myclaims = form.GetTokenRequiredClaims;
if (form.PutContentKeyIdentifier)
{
myclaims.Add(new Claim(TokenClaim.ContentKeyIdentifierClaimType, rawkey.ToString()));
}
if (tokenTemplate.PrimaryVerificationKey.GetType() == typeof(SymmetricVerificationKey))
{
InMemorySymmetricSecurityKey tokenSigningKey = new InMemorySymmetricSecurityKey((tokenTemplate.PrimaryVerificationKey as SymmetricVerificationKey).KeyValue);
signingcredentials = new SigningCredentials(tokenSigningKey, SecurityAlgorithms.HmacSha256Signature, SecurityAlgorithms.Sha256Digest);
}
else if (tokenTemplate.PrimaryVerificationKey.GetType() == typeof(X509CertTokenVerificationKey))
{
X509Certificate2 cert = form.GetX509Certificate;
if (cert != null)
{
signingcredentials = new X509SigningCredentials(cert);
}
}
JwtSecurityToken token = new JwtSecurityToken(issuer: form.GetIssuerUri, audience: form.GetAudienceUri, notBefore: form.StartDate, expires: form.EndDate, signingCredentials: signingcredentials, claims: myclaims);
JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
MyResult.TokenString = handler.WriteToken(token);
}
}
}
}
}
}
/////////////////////////////// NO UI
else if (keytype != null)
{
IContentKey key = MyAsset.ContentKeys.Where(k => k.ContentKeyType == keytype).FirstOrDefault();
if (key != null && key.AuthorizationPolicyId != null)
{
IContentKeyAuthorizationPolicy policy = _context.ContentKeyAuthorizationPolicies.Where(p => p.Id == key.AuthorizationPolicyId).FirstOrDefault();
if (policy != null)
{
IContentKeyAuthorizationPolicyOption option = null;
if (optionid == null) // user does not want a specific option
{
option = policy.Options.Where(o => (ContentKeyRestrictionType)o.Restrictions.FirstOrDefault().KeyRestrictionType == ContentKeyRestrictionType.TokenRestricted).FirstOrDefault();
}
else
{
option = policy.Options.Where(o => o.Id == optionid).FirstOrDefault(); // user wants a token for a specific option
}
if (option != null) // && option.Restrictions.FirstOrDefault() != null && option.Restrictions.FirstOrDefault().KeyRestrictionType == (int)ContentKeyRestrictionType.TokenRestricted)
{
string tokenTemplateString = option.Restrictions.FirstOrDefault().Requirements;
if (!string.IsNullOrEmpty(tokenTemplateString))
{
Guid rawkey = EncryptionUtils.GetKeyIdAsGuid(key.Id);
TokenRestrictionTemplate tokenTemplate = TokenRestrictionTemplateSerializer.Deserialize(tokenTemplateString);
if (tokenTemplate.OpenIdConnectDiscoveryDocument == null)
{
MyResult.TokenType = tokenTemplate.TokenType;
MyResult.IsTokenKeySymmetric = (tokenTemplate.PrimaryVerificationKey.GetType() == typeof(SymmetricVerificationKey));
MyResult.ContentKeyType = (ContentKeyType)keytype;
if (tokenTemplate.TokenType == TokenType.SWT) //SWT
{
MyResult.TokenString = TokenRestrictionTemplateSerializer.GenerateTestToken(tokenTemplate, null, rawkey, DateTime.Now.AddMinutes(Properties.Settings.Default.DefaultTokenDuration));
}
else // JWT
{
List <Claim> myclaims = null;
myclaims = new List <Claim>();
myclaims.Add(new Claim(TokenClaim.ContentKeyIdentifierClaimType, rawkey.ToString()));
if (tokenTemplate.PrimaryVerificationKey.GetType() == typeof(SymmetricVerificationKey))
{
InMemorySymmetricSecurityKey tokenSigningKey = new InMemorySymmetricSecurityKey((tokenTemplate.PrimaryVerificationKey as SymmetricVerificationKey).KeyValue);
signingcredentials = new SigningCredentials(tokenSigningKey, SecurityAlgorithms.HmacSha256Signature, SecurityAlgorithms.Sha256Digest);
}
else if (tokenTemplate.PrimaryVerificationKey.GetType() == typeof(X509CertTokenVerificationKey))
{
if (signingcredentials == null)
{
X509Certificate2 cert = DynamicEncryption.GetCertificateFromFile(true);
if (cert != null)
{
signingcredentials = new X509SigningCredentials(cert);
}
}
}
JwtSecurityToken token = new JwtSecurityToken(issuer: tokenTemplate.Issuer, audience: tokenTemplate.Audience, notBefore: DateTime.Now.AddMinutes(-5), expires: DateTime.Now.AddMinutes(Properties.Settings.Default.DefaultTokenDuration), signingCredentials: signingcredentials, claims: myclaims);
JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
MyResult.TokenString = handler.WriteToken(token);
}
}
}
}
}
}
}
return(MyResult);
}
public static TokenResult GetTestToken(IAsset MyAsset, CloudMediaContext _context, ContentKeyType? keytype = null, SigningCredentials signingcredentials = null, string optionid = null, bool displayUI = false)
{
TokenResult MyResult = new TokenResult();
/// WITH UI
if (displayUI)
{
CreateTestToken form = new CreateTestToken(MyAsset, _context, keytype, optionid) { StartDate = DateTime.Now.AddMinutes(-5), EndDate = DateTime.Now.AddMinutes(Properties.Settings.Default.DefaultTokenDuration) };
if (form.ShowDialog() == DialogResult.OK)
{
if (form.GetOption != null)
{
string tokenTemplateString = form.GetOption.Restrictions.FirstOrDefault().Requirements;
if (!string.IsNullOrEmpty(tokenTemplateString))
{
Guid rawkey = EncryptionUtils.GetKeyIdAsGuid(form.GetContentKeyFromSelectedOption.Id);
TokenRestrictionTemplate tokenTemplate = TokenRestrictionTemplateSerializer.Deserialize(tokenTemplateString);
if (tokenTemplate.OpenIdConnectDiscoveryDocument == null)
{
MyResult.TokenType = tokenTemplate.TokenType;
MyResult.IsTokenKeySymmetric = (tokenTemplate.PrimaryVerificationKey.GetType() == typeof(SymmetricVerificationKey));
MyResult.ContentKeyType = form.GetContentKeyFromSelectedOption.ContentKeyType;
if (tokenTemplate.TokenType == TokenType.SWT) //SWT
{
MyResult.TokenString = TokenRestrictionTemplateSerializer.GenerateTestToken(tokenTemplate, null, rawkey, form.EndDate);
}
else // JWT
{
IList<Claim> myclaims = null;
myclaims = form.GetTokenRequiredClaims;
if (form.PutContentKeyIdentifier)
myclaims.Add(new Claim(TokenClaim.ContentKeyIdentifierClaimType, rawkey.ToString()));
if (tokenTemplate.PrimaryVerificationKey.GetType() == typeof(SymmetricVerificationKey))
{
InMemorySymmetricSecurityKey tokenSigningKey = new InMemorySymmetricSecurityKey((tokenTemplate.PrimaryVerificationKey as SymmetricVerificationKey).KeyValue);
signingcredentials = new SigningCredentials(tokenSigningKey, SecurityAlgorithms.HmacSha256Signature, SecurityAlgorithms.Sha256Digest);
}
else if (tokenTemplate.PrimaryVerificationKey.GetType() == typeof(X509CertTokenVerificationKey))
{
X509Certificate2 cert = form.GetX509Certificate;
if (cert != null) signingcredentials = new X509SigningCredentials(cert);
}
JwtSecurityToken token = new JwtSecurityToken(issuer: form.GetIssuerUri, audience: form.GetAudienceUri, notBefore: form.StartDate, expires: form.EndDate, signingCredentials: signingcredentials, claims: myclaims);
JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
MyResult.TokenString = handler.WriteToken(token);
}
}
}
}
}
}
/////////////////////////////// NO UI
else if (keytype != null)
{
IContentKey key = MyAsset.ContentKeys.Where(k => k.ContentKeyType == keytype).FirstOrDefault();
if (key != null && key.AuthorizationPolicyId != null)
{
IContentKeyAuthorizationPolicy policy = _context.ContentKeyAuthorizationPolicies.Where(p => p.Id == key.AuthorizationPolicyId).FirstOrDefault();
if (policy != null)
{
IContentKeyAuthorizationPolicyOption option = null;
if (optionid == null) // user does not want a specific option
{
option = policy.Options.Where(o => (ContentKeyRestrictionType)o.Restrictions.FirstOrDefault().KeyRestrictionType == ContentKeyRestrictionType.TokenRestricted).FirstOrDefault();
}
else
{
option = policy.Options.Where(o => o.Id == optionid).FirstOrDefault(); // user wants a token for a specific option
}
if (option != null) // && option.Restrictions.FirstOrDefault() != null && option.Restrictions.FirstOrDefault().KeyRestrictionType == (int)ContentKeyRestrictionType.TokenRestricted)
{
string tokenTemplateString = option.Restrictions.FirstOrDefault().Requirements;
if (!string.IsNullOrEmpty(tokenTemplateString))
{
Guid rawkey = EncryptionUtils.GetKeyIdAsGuid(key.Id);
TokenRestrictionTemplate tokenTemplate = TokenRestrictionTemplateSerializer.Deserialize(tokenTemplateString);
if (tokenTemplate.OpenIdConnectDiscoveryDocument == null)
{
MyResult.TokenType = tokenTemplate.TokenType;
MyResult.IsTokenKeySymmetric = (tokenTemplate.PrimaryVerificationKey.GetType() == typeof(SymmetricVerificationKey));
MyResult.ContentKeyType = (ContentKeyType)keytype;
if (tokenTemplate.TokenType == TokenType.SWT) //SWT
{
MyResult.TokenString = TokenRestrictionTemplateSerializer.GenerateTestToken(tokenTemplate, null, rawkey, DateTime.Now.AddMinutes(Properties.Settings.Default.DefaultTokenDuration));
}
else // JWT
{
List<Claim> myclaims = null;
myclaims = new List<Claim>();
myclaims.Add(new Claim(TokenClaim.ContentKeyIdentifierClaimType, rawkey.ToString()));
if (tokenTemplate.PrimaryVerificationKey.GetType() == typeof(SymmetricVerificationKey))
{
InMemorySymmetricSecurityKey tokenSigningKey = new InMemorySymmetricSecurityKey((tokenTemplate.PrimaryVerificationKey as SymmetricVerificationKey).KeyValue);
signingcredentials = new SigningCredentials(tokenSigningKey, SecurityAlgorithms.HmacSha256Signature, SecurityAlgorithms.Sha256Digest);
}
else if (tokenTemplate.PrimaryVerificationKey.GetType() == typeof(X509CertTokenVerificationKey))
{
if (signingcredentials == null)
{
X509Certificate2 cert = DynamicEncryption.GetCertificateFromFile(true);
if (cert != null) signingcredentials = new X509SigningCredentials(cert);
}
}
JwtSecurityToken token = new JwtSecurityToken(issuer: tokenTemplate.Issuer, audience: tokenTemplate.Audience, notBefore: DateTime.Now.AddMinutes(-5), expires: DateTime.Now.AddMinutes(Properties.Settings.Default.DefaultTokenDuration), signingCredentials: signingcredentials, claims: myclaims);
JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
MyResult.TokenString = handler.WriteToken(token);
}
}
}
}
}
}
}
return MyResult;
}