/// <summary>
/// Validates the JWT carried in <c>request.Assertion</c> and returns the resulting principal.
/// </summary>
/// <param name="request">Request model whose <c>Assertion</c> property holds the token to validate.</param>
/// <param name="userDeviceCredential">Device credential handed to the issuer/audience validator.</param>
/// <param name="signingCredentials">Credentials whose <c>Key</c> is the only key the signature is checked against.</param>
/// <returns>A completed task holding the <see cref="ClaimsPrincipal"/> produced by the token handler.</returns>
/// <remarks>
/// Validation runs synchronously, so any exception raised by the token handler is thrown
/// directly from this call rather than surfaced through a faulted task.
/// </remarks>
public Task<ClaimsPrincipal> ValidateAssertionAsync(
    RFC7523RequestModel request,
    UserDeviceCredentialDto userDeviceCredential,
    SigningCredentials signingCredentials)
{
    // Issuer and audience checks are delegated to the credential-bound validator.
    var assertionValidator = new RFC7523AssertionValidator(userDeviceCredential);

    // NOTE(review): ValidateLifetime and ClockSkew are not set here, so the library
    // defaults apply; set them explicitly if the assertion lifetime policy matters.
    // NOTE(review): accepted signature algorithms are not restricted here; consider
    // pinning them to signingCredentials.Algorithm if the library version supports it.
    // NOTE(review): no replay (jti) check is visible in this method; confirm whether
    // the caller handles it.
    var validationParameters = new TokenValidationParameters
    {
        IssuerSigningKey = signingCredentials.Key,
        ValidateIssuerSigningKey = true,
        ValidateIssuer = true,
        IssuerValidator = assertionValidator.ValidateIssuer,
        ValidateAudience = true,
        AudienceValidator = assertionValidator.ValidateAudience,
        RequireSignedTokens = true,
        RequireExpirationTime = true
    };

    var tokenHandler = new JwtSecurityTokenHandler();

    // The validated SecurityToken itself is not needed, only the principal.
    ClaimsPrincipal principal = tokenHandler.ValidateToken(
        request.Assertion,
        validationParameters,
        out _);

    return Task.FromResult(principal);
}
/// <summary>
/// Builds RS256 signing credentials from the RSA public key stored on a device credential.
/// </summary>
/// <param name="userDeviceCredential">
/// Credential supplying the base64-encoded <c>Exponent</c> and <c>Modulus</c>, and the
/// <c>UserDeviceCredentialId</c> used as the key id.
/// </param>
/// <returns>A completed task holding the constructed <see cref="SigningCredentials"/>.</returns>
/// <exception cref="FormatException">The exponent or modulus is not valid base64.</exception>
public Task<SigningCredentials> CreateSigningCredentialsAsync(UserDeviceCredentialDto userDeviceCredential)
{
    // Only the public components are populated, so the resulting key can verify but not sign.
    // NOTE(review): no minimum modulus length is enforced here; confirm key size is
    // checked when the device credential is enrolled.
    var publicKeyParameters = new RSAParameters
    {
        Exponent = Convert.FromBase64String(userDeviceCredential.Exponent),
        Modulus = Convert.FromBase64String(userDeviceCredential.Modulus)
    };

    var securityKey = new RsaSecurityKey(publicKeyParameters);

    // The credential id, formatted with "D", doubles as the key id.
    securityKey.KeyId = userDeviceCredential.UserDeviceCredentialId.ToString("D");

    return Task.FromResult(new SigningCredentials(securityKey, "RS256"));
}
/// <summary>
/// Adds the given device credential to <c>Database</c> and returns the same instance.
/// </summary>
/// <param name="userDeviceCredentialDto">The credential to add.</param>
/// <returns>A completed task holding the instance that was passed in.</returns>
public Task<UserDeviceCredentialDto> CreateAsync(UserDeviceCredentialDto userDeviceCredentialDto)
{
    // NOTE(review): the credential is stored as received; no validation of its key
    // material is visible here. Confirm the caller checks it first.
    Database.Add(userDeviceCredentialDto);

    return Task.FromResult(userDeviceCredentialDto);
}
/// <summary>
/// Creates a validator bound to a single device credential.
/// </summary>
/// <param name="userDeviceCredential">The credential stored on this validator instance.</param>
internal RFC7523AssertionValidator(UserDeviceCredentialDto userDeviceCredential)
    => this.userDeviceCredential = userDeviceCredential;