internal static string GetECDsaSigningAlgorithmValue(IdentityServerConstants.ECDsaSigningAlgorithm value)
{
return(value switch
{
IdentityServerConstants.ECDsaSigningAlgorithm.ES256 => SecurityAlgorithms.EcdsaSha256,
IdentityServerConstants.ECDsaSigningAlgorithm.ES384 => SecurityAlgorithms.EcdsaSha384,
IdentityServerConstants.ECDsaSigningAlgorithm.ES512 => SecurityAlgorithms.EcdsaSha512,
_ => throw new ArgumentException("Invalid ECDsa signing algorithm value", nameof(value)),
});
/// <summary>
/// Adds an ECDSA-based validation key.
/// </summary>
/// <param name="builder">The builder.</param>
/// <param name="key">The ECDSA key</param>
/// <param name="signingAlgorithm">The ECDSA-based signing algorithm</param>
/// <returns></returns>
public static IIdentityServerBuilder AddValidationKey(
this IIdentityServerBuilder builder,
ECDsaSecurityKey key,
IdentityServerConstants.ECDsaSigningAlgorithm signingAlgorithm = IdentityServerConstants.ECDsaSigningAlgorithm.ES256)
{
var keyInfo = new SecurityKeyInfo
{
Key = key,
SigningAlgorithm = CryptoHelper.GetECDsaSigningAlgorithmValue(signingAlgorithm)
};
return(builder.AddValidationKey(keyInfo));
}
/// <summary>
/// Sets an ECDsa-based signing credential.
/// </summary>
/// <param name="builder">The builder.</param>
/// <param name="key">The ECDsa key.</param>
/// <param name="signingAlgorithm">The signing algorithm</param>
/// <returns></returns>
public static IIdentityServerBuilder AddSigningCredential(this IIdentityServerBuilder builder, ECDsaSecurityKey key, IdentityServerConstants.ECDsaSigningAlgorithm signingAlgorithm)
{
var credential = new SigningCredentials(key, CryptoHelper.GetECDsaSigningAlgorithmValue(signingAlgorithm));
return(builder.AddSigningCredential(credential));
}
