/// <summary>
/// Builds a self-issued OpenID Connect authentication response for the given request.
/// </summary>
/// <remarks>
/// The ID token is filled with fixed placeholder claims and is encoded with
/// <c>JwsAlgorithm.none</c> and a null key, so the resulting JWT carries no signature.
/// </remarks>
/// <param name="requestMessage">Authorization request supplying the redirect URI, nonce, scope and state.</param>
/// <param name="certificate">Certificate whose thumbprint becomes the subject and whose key is published as <c>SubJkw</c>.</param>
/// <returns>A dictionary holding the encoded <c>id_token</c> and the echoed <c>state</c>.</returns>
private Dictionary<string, object> PerformSelfIssuedAuthentication(OIDCAuthorizationRequestMessage requestMessage, X509Certificate2 certificate)
{
    // Subject is the standard Base64 form of the thumbprint *text* (UTF-8 bytes of the string).
    // NOTE(review): OIDC self-issued subjects are normally the base64url thumbprint of the
    // sub_jwk key itself; confirm the consumer of this token expects this variant.
    byte[] thumbprintBytes = Encoding.UTF8.GetBytes(certificate.Thumbprint);

    OIDCIdToken idToken = new OIDCIdToken
    {
        Iss = "https://self-issued.me",
        Sub = Convert.ToBase64String(thumbprintBytes),
        Aud = new List<string> { requestMessage.RedirectUri },
        Nonce = requestMessage.Nonce,
        // NOTE(review): both expiry and issued-at are pinned to DateTime.MaxValue, so the
        // token never expires and claims to be issued in the far future. A receiver that
        // enforces iat/exp windows cannot use these to bound replay; confirm this is a
        // deliberate fixture shortcut.
        Exp = DateTime.MaxValue,
        Iat = DateTime.MaxValue,
        // "AQAB" is presumably the RSA public exponent passed through as-is; verify against KeyManager.
        SubJkw = KeyManager.GetOIDCKey(certificate, "RSA", "AQAB", "sig")
    };

    var requestedScope = requestMessage.Scope;

    // Each optional scope adds hard-coded placeholder claims, not real user data.
    if (requestedScope.Contains(MessageScope.Profile))
    {
        idToken.GivenName = "Myself";
        idToken.FamilyName = "User";
        idToken.Name = string.Concat(idToken.GivenName, " ", idToken.FamilyName);
    }

    if (requestedScope.Contains(MessageScope.Email))
    {
        idToken.Email = "*****@*****.**";
    }

    if (requestedScope.Contains(MessageScope.Address))
    {
        idToken.Address = new OIDCAddress
        {
            Country = "Italy",
            PostalCode = "20100",
            StreetAddress = "Via Test, 1",
            Locality = "Milano"
        };
    }

    if (requestedScope.Contains(MessageScope.Phone))
    {
        idToken.PhoneNumber = "0";
    }

    idToken.Validate();

    // NOTE(review): JwsAlgorithm.none with a null key produces an unsigned JWT. Nothing
    // binds the claims to the holder of the key advertised in SubJkw, so any party can
    // alter or forge this token. Outside a test fixture the token should be signed with
    // the certificate's private key, and verifiers should reject alg "none".
    string encodedToken = JWT.Encode(idToken.SerializeToJsonString(), null, JwsAlgorithm.none);

    Dictionary<string, object> response = new Dictionary<string, object>
    {
        { "id_token", encodedToken },
        { "state", requestMessage.State }
    };

    return response;
}