/// <summary>
/// Looks up a single <see cref="X509Certificate2"/> by thumbprint in the given
/// X509 store and registers it to sign tokens issued by the OpenID Connect server.
/// </summary>
/// <param name="options">The options used to configure the OpenID Connect server.</param>
/// <param name="thumbprint">The thumbprint identifying the certificate in the X509 store.</param>
/// <param name="password">
/// Kept for signature compatibility: this overload never reads it, since the
/// certificate is taken from the store rather than decoded from a protected container.
/// </param>
/// <param name="name">The name of the X509 store.</param>
/// <param name="location">The location of the X509 store.</param>
/// <returns>The options used to configure the OpenID Connect server.</returns>
/// <exception cref="InvalidOperationException">
/// No certificate matches the thumbprint, or more than one does
/// (the latter is raised by <c>SingleOrDefault</c>).
/// </exception>
/// <remarks>
/// The lookup runs with <c>validOnly: false</c>, so an expired certificate or one whose
/// chain does not validate is still returned. This method performs no validity-period,
/// chain or private-key check of its own; deployments that need those guarantees
/// must enforce them separately.
/// </remarks>
public static OpenIdConnectServerOptions UseCertificate(
    [NotNull] this OpenIdConnectServerOptions options,
    [NotNull] string thumbprint, [NotNull] string password,
    StoreName name, StoreLocation location) {
    var store = new X509Store(name, location);

    try {
        // Read-only access is sufficient: the store is only queried, never modified.
        store.Open(OpenFlags.ReadOnly);

        var match = store.Certificates
            .Find(X509FindType.FindByThumbprint, thumbprint, validOnly: false)
            .OfType<X509Certificate2>()
            .SingleOrDefault();

        if (match != null) {
            return options.UseCertificate(match);
        }

        throw new InvalidOperationException("The certificate corresponding to the given thumbprint was not found.");
    }

    finally {
        // Release the store handle on every path, including the failure ones.
#if DNXCORE50
        store.Dispose();
#else
        store.Close();
#endif
    }
}
/// <summary>
/// Registers the <see cref="X509Certificate2"/> contained in a stream to sign
/// tokens issued by the OpenID Connect server, using default key storage flags.
/// </summary>
/// <param name="options">The options used to configure the OpenID Connect server.</param>
/// <param name="stream">The stream containing the certificate.</param>
/// <param name="password">The password used to open the certificate.</param>
/// <returns>The options used to configure the OpenID Connect server.</returns>
/// <remarks>
/// The defaults applied here are <see cref="X509KeyStorageFlags.Exportable"/> combined with
/// <see cref="X509KeyStorageFlags.MachineKeySet"/>: the imported private key is marked as
/// exportable and is associated with the machine key store rather than the current user's.
/// Callers that do not need an exportable signing key should call the overload that
/// accepts explicit flags and pass a narrower set.
/// </remarks>
public static OpenIdConnectServerOptions UseCertificate(
    [NotNull] this OpenIdConnectServerOptions options,
    [NotNull] Stream stream, [NotNull] string password) {
    // Default storage behaviour for the imported private key.
    const X509KeyStorageFlags flags =
        X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet;

    return options.UseCertificate(stream, password, flags);
}
/// <summary>
/// Reads an <see cref="X509Certificate2"/> from a stream and registers it
/// to sign tokens issued by the OpenID Connect server.
/// </summary>
/// <param name="options">The options used to configure the OpenID Connect server.</param>
/// <param name="stream">
/// The stream containing the certificate. It is copied into memory from its
/// current position and is not closed by this method.
/// </param>
/// <param name="password">The password used to open the certificate.</param>
/// <param name="flags">Flags indicating how and where the private key of the certificate is stored.</param>
/// <returns>The options used to configure the OpenID Connect server.</returns>
/// <remarks>
/// The raw certificate bytes are buffered in managed memory and are not cleared after
/// the certificate has been constructed. The <paramref name="flags"/> value is passed
/// unchanged to the <see cref="X509Certificate2"/> constructor, so the caller decides
/// whether the private key is exportable and which key store it is associated with.
/// </remarks>
public static OpenIdConnectServerOptions UseCertificate(
    [NotNull] this OpenIdConnectServerOptions options,
    [NotNull] Stream stream, [NotNull] string password, X509KeyStorageFlags flags) {
    using (var buffer = new MemoryStream()) {
        // X509Certificate2 is built from a byte array here, so the stream is drained first.
        stream.CopyTo(buffer);

        var rawData = buffer.ToArray();
        var certificate = new X509Certificate2(rawData, password, flags);

        return options.UseCertificate(certificate);
    }
}
/// <summary>
/// Loads an <see cref="X509Certificate2"/> from an embedded resource and registers
/// it to sign tokens issued by the OpenID Connect server.
/// </summary>
/// <param name="options">The options used to configure the OpenID Connect server.</param>
/// <param name="assembly">The assembly containing the certificate.</param>
/// <param name="resource">The name of the embedded resource.</param>
/// <param name="password">The password used to open the certificate.</param>
/// <returns>The options used to configure the OpenID Connect server.</returns>
/// <exception cref="InvalidOperationException">
/// The assembly has no manifest resource with the given name.
/// </exception>
/// <remarks>
/// A certificate container embedded in an assembly is distributed with every copy of
/// that assembly, so the signing key is only as well protected as
/// <paramref name="password"/>. Keep the password out of source control, and prefer a
/// certificate store or another protected key location for production signing keys.
/// </remarks>
public static OpenIdConnectServerOptions UseCertificate(
    [NotNull] this OpenIdConnectServerOptions options,
    [NotNull] Assembly assembly, [NotNull] string resource, [NotNull] string password) {
    var stream = assembly.GetManifestResourceStream(resource);

    // GetManifestResourceStream returns null when the resource name is unknown.
    if (stream == null) {
        throw new InvalidOperationException("The certificate was not found in the given assembly.");
    }

    using (stream) {
        return options.UseCertificate(stream, password);
    }
}
/// <summary>
/// Looks up an <see cref="X509Certificate2"/> by thumbprint in the personal ("My")
/// store of the local machine and registers it to sign tokens issued by the
/// OpenID Connect server.
/// </summary>
/// <param name="options">The options used to configure the OpenID Connect server.</param>
/// <param name="thumbprint">The thumbprint identifying the certificate in the X509 store.</param>
/// <param name="password">
/// Forwarded unchanged to the store-based overload; the store-based overload in
/// this file does not read it.
/// </param>
/// <returns>The options used to configure the OpenID Connect server.</returns>
/// <remarks>
/// The process needs read access to the local machine store. Using the signing key
/// afterwards also presumably requires access to the certificate's private key,
/// which is a permission set outside this code - confirm it for the service account.
/// </remarks>
public static OpenIdConnectServerOptions UseCertificate(
    [NotNull] this OpenIdConnectServerOptions options,
    [NotNull] string thumbprint, [NotNull] string password) {
    return options.UseCertificate(
        thumbprint, password,
        name: StoreName.My,
        location: StoreLocation.LocalMachine);
}