/// <summary>Create</summary>
/// <param name="iss">client_id</param>
/// <param name="aud">Token2 EndPointのuri</param>
/// <param name="forExp">DateTimeOffset</param>
/// <param name="scopes">scopes</param>
/// <param name="jwkPrivateKey">RS256用のJWK秘密鍵</param>
/// <returns>JwtAssertion</returns>
public static string Create(
string iss, string aud, TimeSpan forExp, string scopes, string jwkPrivateKey)
{
JObject temp = JsonConvert.DeserializeObject <JObject>(jwkPrivateKey);
if (temp.ContainsKey("kty"))
{
if (((string)temp["kty"]).ToUpper() == "RSA")
{
RsaPrivateKeyConverter rpkc = new RsaPrivateKeyConverter(JWS_RSA.RS._256);
return(JwtAssertion.CreateByRsa(iss, aud, forExp, scopes,
rpkc.JwkToParam(jwkPrivateKey)));
}
#if NET45 || NET46
#else
else if (((string)temp["kty"]).ToUpper() == "EC")
{
EccPrivateKeyConverter epkc = new EccPrivateKeyConverter(JWS_ECDSA.ES._256);
return(JwtAssertion.CreateByECDsa(iss, aud, forExp, scopes,
epkc.JwkToParam(jwkPrivateKey)));
}
#endif
}
return("");
}
/// <summary>Create</summary>
/// <param name="iss">client_id</param>
/// <param name="aud">Token2 EndPointのuri</param>
/// <param name="forExp">DateTimeOffset</param>
/// <param name="scopes">scopes</param>
/// <param name="jwkPrivateKey">RS256用のJWK秘密鍵</param>
/// <returns>JwtAssertion</returns>
public static string Create(
string iss, string aud, TimeSpan forExp, string scopes, string jwkPrivateKey)
{
RsaPrivateKeyConverter rpkc = new RsaPrivateKeyConverter(JWS_RSA.RS._256);
return(JwtAssertion.Create(iss, aud, forExp, scopes,
rpkc.JwkToParam(jwkPrivateKey)));
}
// https://openid.net/specs/openid-connect-core-1_0.html#RequestObject
// {
// "iss": "s6BhdRkqt3",
// "aud": "https://server.example.com",
// "response_type": "code id_token",
// "client_id": "s6BhdRkqt3",
// "redirect_uri": "https://client.example.org/cb",
// "scope": "openid",
// "state": "af0ifjsldkj",
// "nonce": "n-0S6_WzA2Mj",
// "max_age": 86400,
// "claims": ... see : ClaimsInRO.cs
// }
// 以下はI/F上に含めない。
// - display ... promptの形式
// - ui_locales ... UICulture的な
// - id_token_hint ... 以前のid_token(再認証)
#region Create
/// <summary>Create</summary>
/// <param name="iss">string</param>
/// <param name="aud">string</param>
/// <param name="response_type">string</param>
/// <param name="response_mode">string</param>
/// <param name="redirect_uri">string</param>
/// <param name="scopes">string</param>
/// <param name="state">string</param>
/// <param name="nonce">string</param>
/// <param name="max_age">string</param>
/// <param name="prompt">string</param>
/// <param name="login_hint">string</param>
/// <param name="claims">ClaimsInRO</param>
/// <param name="jwkPrivateKey">string</param>
/// <returns>RequestObject</returns>
public static string Create(
string iss, string aud, string response_type, string response_mode,
string redirect_uri, string scopes, string state, string nonce,
string max_age, string prompt, string login_hint, ClaimsInRO claims, string jwkPrivateKey)
{
RsaPrivateKeyConverter rpkc = new RsaPrivateKeyConverter();
return(RequestObject.Create(
iss, aud, response_type, response_mode,
redirect_uri, scopes, state, nonce,
max_age, prompt, login_hint, claims,
rpkc.JwkToParam(jwkPrivateKey)));
}
