/// <summary>
/// Builds the effective API-key configuration from the current
/// <see cref="MonitorApiKeyOptions"/> snapshot: runs data-annotation validation,
/// decodes the base64url-encoded public key, parses it as a JSON Web Key and
/// checks it with <c>JwtAlgorithmChecker.IsValidJwk</c>.
/// </summary>
/// <param name="name">Options name; not read by this method.</param>
/// <param name="options">
/// Target configuration. <c>ValidationErrors</c> is always assigned. When any error
/// was collected, <c>Subject</c> is set to the empty string and <c>PublicKey</c> to
/// null, so a partially valid configuration never carries a usable key; otherwise
/// both are taken from the source options and the parsed key.
/// </param>
public void PostConfigure(string name, MonitorApiKeyConfiguration options)
{
    const string publicKeyMember = nameof(MonitorApiKeyOptions.PublicKey);

    MonitorApiKeyOptions sourceOptions = _apiKeyOptions.CurrentValue;
    IList<ValidationResult> errors = new List<ValidationResult>();

    // Attribute-driven validation first; its boolean result is ignored because
    // every failure is already appended to the shared error list.
    ValidationContext validationContext = new ValidationContext(sourceOptions, serviceProvider: null, items: null);
    Validator.TryValidateObject(sourceOptions, validationContext, errors, validateAllProperties: true);

    // Step 1: base64url -> JWK JSON text. Any decoding failure (including a null
    // input) is reported as a validation error instead of propagating.
    // NOTE(review): this message and the invalid-JWK message below both receive the raw
    // configured PublicKey value as a format argument. If ValidationErrors are written to
    // logs or returned to callers, a mistakenly configured secret would be echoed there.
    // Confirm where these messages are surfaced.
    string jwkJson = null;
    try
    {
        jwkJson = Base64UrlEncoder.Decode(sourceOptions.PublicKey);
    }
    catch (Exception)
    {
        string notBase64Message = string.Format(
            Strings.ErrorMessage_NotBase64,
            publicKeyMember,
            sourceOptions.PublicKey);
        errors.Add(new ValidationResult(notBase64Message, new string[] { publicKeyMember }));
    }

    // Step 2: JWK JSON text -> JsonWebKey. Skipped when decoding failed or produced
    // an empty string; in that case no error is added here.
    JsonWebKey jwk = null;
    if (!string.IsNullOrEmpty(jwkJson))
    {
        try
        {
            jwk = JsonWebKey.Create(jwkJson);
        }
        // JsonWebKey.Create is expected to throw only ArgumentException or a derived class.
        catch (ArgumentException ex)
        {
            string invalidJwkMessage = string.Format(
                Strings.ErrorMessage_InvalidJwk,
                publicKeyMember,
                sourceOptions.PublicKey,
                ex.Message);
            errors.Add(new ValidationResult(invalidJwkMessage, new string[] { publicKeyMember }));
        }
    }

    // Step 3: policy check on the parsed key.
    if (jwk != null)
    {
        if (JwtAlgorithmChecker.IsValidJwk(jwk))
        {
            // A key that also carries private parameters is still accepted; the logger
            // is only notified. The JsonWebKey object is stored unchanged below, so the
            // private parameters stay in memory with the configuration.
            // NOTE(review): confirm that accepting such a key is intended, since private
            // material in a "public key" setting usually means the signing key was
            // deployed to the verifier.
            if (jwk.HasPrivateKey)
            {
                _logger.NotifyPrivateKey(publicKeyMember);
            }
        }
        else
        {
            string rejectedMessage = string.Format(Strings.ErrorMessage_RejectedJwk, publicKeyMember);
            errors.Add(new ValidationResult(rejectedMessage, new string[] { publicKeyMember }));
        }
    }

    // Publish the outcome: all-or-nothing, so any error clears both subject and key.
    options.ValidationErrors = errors;
    bool hasErrors = errors.Any();
    options.Subject = hasErrors ? string.Empty : sourceOptions.Subject;
    options.PublicKey = hasErrors ? null : jwk;
}
/// <summary>
/// Atomically replaces the current reload token with a fresh
/// <see cref="ConfigurationReloadToken"/> and then signals the token that was replaced.
/// </summary>
/// <param name="options">The options value passed to the callback; not read here.</param>
private void OnReload(MonitorApiKeyOptions options)
{
    // Install the new token first, so that it is already in the field when the
    // old token's callbacks run.
    var replacementToken = new ConfigurationReloadToken();
    var previousToken = Interlocked.Exchange(ref _reloadToken, replacementToken);

    previousToken.OnReload();
}