async Task<IAccessToken> INonCachingAccessTokenProvider.ProvisionAccessTokenAsync(
IEnumerable<Claim> claimSet,
IEnumerable<Scope> scopes
) {
List<Claim> claims = claimSet.ToList();
scopes = scopes ?? Enumerable.Empty<Scope>();
DateTime now = DateTime.UtcNow;
string issuer;
if( !claims.TryGetClaim( Constants.Claims.ISSUER, out issuer ) ) {
throw new InvalidOperationException( "missing issuer claim" );
}
var unsignedToken = new UnsignedToken(
issuer: issuer,
audience: Constants.ASSERTION_AUDIENCE,
claims: claims,
notBefore: now,
expiresAt: now + Constants.ASSERTION_TOKEN_LIFETIME );
string assertion = await m_tokenSigner
.SignAsync( unsignedToken )
.SafeAsync();
return await m_client
.ProvisionAccessTokenAsync( assertion, scopes )
.SafeAsync();
}
public async Task<string> SignTokenBackdoor( UnsignedToken token ) {
return await m_tokenSigner
.SignAsync( token )
.SafeAsync();
}