/// <summary>
/// Creates a serialized and protected security token.
/// </summary>
/// <param name="token">The token.</param>
/// <returns>
/// A security token in serialized form
/// </returns>
/// <exception cref="System.InvalidOperationException">Invalid token type.</exception>
public virtual async Task <string> CreateSecurityTokenAsync(Token token)
{
if (token.Type == Constants.TokenTypes.AccessToken)
{
if (token.Client.AccessTokenType == AccessTokenType.Jwt)
{
Logger.Debug("Creating JWT access token");
return(await _signingService.SignTokenAsync(token));
}
Logger.Debug("Creating reference access token");
var handle = Guid.NewGuid().ToString("N");
await _tokenHandles.StoreAsync(handle, token);
return(handle);
}
if (token.Type == Constants.TokenTypes.IdentityToken)
{
Logger.Debug("Creating JWT identity token");
return(await _signingService.SignTokenAsync(token));
}
throw new InvalidOperationException("Invalid token type.");
}
public override async Task <Token> CreateAccessTokenAsync(TokenCreationRequest request)
{
var token = await base.CreateAccessTokenAsync(request);
await _tokenHandleStore.StoreAsync(await _signingService.SignTokenAsync(token), token);
return(token);
}
private Task Setup(List <Token> subjectATokens, List <Token> subjectBTokens, List <Token> subjectCTokens)
{
List <Task> tasks = new List <Task>();
var removed = TestData.Token(SubjectA);
removed.Client.ClientId = removed.ClientId + 0;
tasks.Add(SaveAsync(removed.Client));
tasks.Add(_store.StoreAsync(RemovedKey, removed));
var notRemoved = TestData.Token(SubjectA);
notRemoved.Client.ClientId = notRemoved.ClientId + 1;
tasks.Add(SaveAsync(notRemoved.Client));
tasks.Add(_store.StoreAsync(NotRemovedKey, notRemoved));
subjectATokens.Add(removed);
subjectATokens.Add(notRemoved);
foreach (var subjectConfig in new[]
{
new { subject = SubjectB, tokens = subjectBTokens },
new { subject = SubjectC, tokens = subjectCTokens }
})
{
for (int i = 0; i < 10; i++)
{
var token = TestData.Token(subjectConfig.subject);
token.CreationTime = token.CreationTime.AddDays(i);
if (i % 2 == 0)
{
token.Client.ClientId = RevokedClient;
}
else
{
token.Client.ClientId = NotRevokedClient;
}
tasks.Add(SaveAsync(token.Client));
tasks.Add(_store.StoreAsync(subjectConfig.subject + i, token));
subjectConfig.tokens.Add(token);
}
}
return(Task.WhenAll(tasks));
}
public async Task InitializeAsync()
{
var factory = _data.Factory;
var admin = factory.Resolve <IAdminService>();
await admin.CreateDatabase(expireUsingIndex : false);
var token = TestData.Token(Subject);
await admin.Save(token.Client);
await _thStore.StoreAsync("ac", token);
}
public virtual async Task <string> CreateSecurityTokenAsync(Token token)
{
if (token.Type == Constants.TokenTypes.AccessToken)
{
if (token.Client.AccessTokenType == AccessTokenType.JWT)
{
Logger.Debug("Creating JWT access token");
return(CreateJsonWebToken(
token,
new X509SigningCredentials(_settings.SigningCertificate)));
}
else
{
Logger.Debug("Creating reference access token");
var handle = Guid.NewGuid().ToString("N");
await _tokenHandles.StoreAsync(handle, token);
return(handle);
}
}
if (token.Type == Constants.TokenTypes.IdentityToken)
{
Logger.Debug("Creating JWT identity token");
SigningCredentials credentials;
if (token.Client.IdentityTokenSigningKeyType == SigningKeyTypes.ClientSecret)
{
credentials = new HmacSigningCredentials(token.Client.ClientSecret);
}
else
{
credentials = new X509SigningCredentials(_settings.SigningCertificate);
}
return(CreateJsonWebToken(token, credentials));
}
throw new InvalidOperationException("Invalid token type.");
}
/// <summary>
/// Creates a serialized and protected security token.
/// </summary>
/// <param name="token">The token.</param>
/// <returns>
/// A security token in serialized form
/// </returns>
/// <exception cref="System.InvalidOperationException">Invalid token type.</exception>
public virtual async Task <string> CreateSecurityTokenAsync(Token token)
{
string tokenResult;
if (token.Type == Constants.TokenTypes.AccessToken)
{
if (token.Client.AccessTokenType == AccessTokenType.Jwt)
{
_logger.LogVerbose("Creating JWT access token");
tokenResult = await _signingService.SignTokenAsync(token);
}
else
{
_logger.LogVerbose("Creating reference access token");
var handle = CryptoRandom.CreateUniqueId();
await _tokenHandles.StoreAsync(handle, token);
tokenResult = handle;
}
}
else if (token.Type == Constants.TokenTypes.IdentityToken)
{
_logger.LogVerbose("Creating JWT identity token");
tokenResult = await _signingService.SignTokenAsync(token);
}
else
{
throw new InvalidOperationException("Invalid token type.");
}
await _events.RaiseTokenIssuedEventAsync(token, tokenResult);
return(tokenResult);
}