private static ICertificateFetcher GetCertificateFetcher(JwtOAuthClient client)
        {
            var certificateFetcher =
                client.RelativeFileCertificate != null
                    ? new FileCertificateFetcher(client.RelativeFileCertificate)
                    : client.StoreCertificate != null
                        ? new StoreByThumbprintCertificateFetcher(client.StoreCertificate)
                        : null as ICertificateFetcher;

            return(certificateFetcher);
        }
        private string GetJwe(AuthenticationTicket data, JwtOAuthClient client, string clientId)
        {
            var certificateFetcher = GetCertificateFetcher(client);
            var securityKey        = TextEncodings.Base64Url.Decode(client.Secret);
            var jwt = GetJwt(data, securityKey, clientId);

            var publicKey = certificateFetcher?.Fetch()?.PublicKey.Key as RSACryptoServiceProvider;

            var jwe = publicKey != null
                ? JWT.Encode(jwt, publicKey, JweAlgorithm.RSA_OAEP_256, JweEncryption.A256GCM, JweCompression.DEF)
                : jwt;

            return(jwe);
        }