/// <summary>
/// Builds a JWT assertion (claims: iss, aud, exp, iat, jti, scope) and signs it
/// as a JWS with ES256, using the private key of an X.509 certificate file.
/// </summary>
/// <param name="iss">Issuer claim; the client_id.</param>
/// <param name="aud">Audience claim; the URI of the Token2 endpoint.</param>
/// <param name="forExp">
/// Time span handed to <c>CmnJwtToken.CreateExpClaim</c> to produce the exp claim
/// (presumably the lifetime counted from now; confirm against that helper).
/// </param>
/// <param name="scopes">Value of the scope claim, emitted exactly as given.</param>
/// <param name="ecdsaX509FilePath">Path of the X.509 file holding the ES256 private key.</param>
/// <param name="ecdsaX509Password">
/// Password of that X.509 private key. It is passed as an ordinary string, so
/// callers should load it from protected configuration and keep it out of logs.
/// </param>
/// <returns>The signed JWT assertion returned by <c>JWS_ES256_X509.Create</c>.</returns>
/// <remarks>
/// No argument is validated here. NOTE(review): no sub claim is emitted, while
/// RFC 7523 section 3 requires one for JWT bearer assertions; confirm that the
/// receiving endpoint does not depend on it.
/// </remarks>
public static string CreateByECDsa(
    string iss, string aud, TimeSpan forExp, string scopes,
    string ecdsaX509FilePath, string ecdsaX509Password)
{
    // A variant taking an ECParameters private key was abandoned because
    // ECDsa.ExportParameters(true) did not work for the original author;
    // the certificate file and its password are used instead.

    // Collection-initializer entries compile to Add(), so a repeated claim name
    // raises ArgumentException instead of silently replacing a value.
    var claims = new Dictionary<string, object>
    {
        { OAuth2AndOIDCConst.iss, iss },                                 // client_id
        { OAuth2AndOIDCConst.aud, aud },                                 // token endpoint URI
        { OAuth2AndOIDCConst.exp, CmnJwtToken.CreateExpClaim(forExp) },
        { OAuth2AndOIDCConst.iat, CmnJwtToken.CreateIatClaim() },
        { OAuth2AndOIDCConst.jti, CmnJwtToken.CreateJitClaim() },        // fresh value on every call
        { OAuth2AndOIDCConst.scope, scopes }
    };

    // Serialize first, then load the key, matching the original statement order.
    string payload = JsonConvert.SerializeObject(claims);

    var signer = new JWS_ES256_X509(ecdsaX509FilePath, ecdsaX509Password);
    return signer.Create(payload);
}
/// <summary>
/// Builds a JWT assertion (claims: iss, aud, exp, iat, jti, scope) and signs it
/// as a JWS with RS256, using an RSA private key supplied as RSAParameters.
/// </summary>
/// <param name="iss">Issuer claim; the client_id.</param>
/// <param name="aud">Audience claim; the URI of the Token2 endpoint.</param>
/// <param name="forExp">
/// Time span handed to <c>CmnJwtToken.CreateExpClaim</c> to produce the exp claim
/// (presumably the lifetime counted from now; confirm against that helper).
/// </param>
/// <param name="scopes">Value of the scope claim, emitted exactly as given.</param>
/// <param name="rsaPrivateKey">
/// RSA private key for RS256. The struct carries the raw key components, so the
/// caller should treat the value as secret material and never log or serialize it.
/// </param>
/// <returns>The signed JWT assertion returned by <c>JWS_RS256_Param.Create</c>.</returns>
/// <remarks>
/// No argument is validated here. NOTE(review): no sub claim is emitted, while
/// RFC 7523 section 3 requires one for JWT bearer assertions; confirm that the
/// receiving endpoint does not depend on it.
/// </remarks>
public static string CreateByRsa(
    string iss, string aud, TimeSpan forExp, string scopes,
    RSAParameters rsaPrivateKey)
{
    // Collection-initializer entries compile to Add(), so a repeated claim name
    // raises ArgumentException instead of silently replacing a value.
    var claims = new Dictionary<string, object>
    {
        { OAuth2AndOIDCConst.iss, iss },                                 // client_id
        { OAuth2AndOIDCConst.aud, aud },                                 // token endpoint URI
        { OAuth2AndOIDCConst.exp, CmnJwtToken.CreateExpClaim(forExp) },
        { OAuth2AndOIDCConst.iat, CmnJwtToken.CreateIatClaim() },
        { OAuth2AndOIDCConst.jti, CmnJwtToken.CreateJitClaim() },        // fresh value on every call
        { OAuth2AndOIDCConst.scope, scopes }
    };

    // Serialize first, then wrap the key, matching the original statement order.
    string payload = JsonConvert.SerializeObject(claims);

    var signer = new JWS_RS256_Param(rsaPrivateKey);
    return signer.Create(payload);
}
// - OpenID Connect Client Initiated Backchannel Authentication Flow - Core 1.0 draft-01
//   https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0.html
// - Financial-grade API: Client Initiated Backchannel Authentication Profile
//   https://openid.net/specs/openid-financial-api-ciba-ID1.html

#region Create

// Disabled overload that took the ES256 private key as a JWK string, kept for reference.
///// <summary>CreateCiba</summary>
///// <param name="iss">string</param>
///// <param name="aud">string</param>
///// <param name="exp">string</param>
///// <param name="nbf">string</param>
///// <param name="scopes">string</param>
///// <param name="client_notification_token">string</param>
///// <param name="binding_message">string</param>
///// <param name="user_code">string</param>
///// <param name="requested_expiry">string</param>
///// <param name="login_hint">string</param>
///// <param name="requestContextAndIntent">Dictionary(string, object)</param>
///// <param name="jwkPrivateKey">JWK private key for ES256</param>
///// <returns>RequestObject</returns>
//public static string CreateCiba(
//    string iss, string aud, string exp, string nbf, string scopes,
//    string client_notification_token, string binding_message,
//    string user_code, string requested_expiry, string login_hint,
//    Dictionary<string, object> requestContextAndIntent, string jwkPrivateKey)
//{
//    EccPrivateKeyConverter epkc = new EccPrivateKeyConverter();
//    return RequestObject.CreateCiba(
//        iss, aud, exp, nbf, scopes,
//        client_notification_token, binding_message,
//        user_code, requested_expiry, login_hint,
//        requestContextAndIntent, epkc.JwkToParam(jwkPrivateKey));
//}

/// <summary>
/// Builds the claim set of a CIBA request object and signs it as a JWS with
/// ES256, using the private key of an X.509 certificate file.
/// </summary>
/// <param name="iss">Issuer claim; the client_id.</param>
/// <param name="aud">Audience claim; the URI of the ROS endpoint.</param>
/// <param name="exp">Value of the exp claim, copied in as the given string.</param>
/// <param name="nbf">Value of the nbf claim, copied in as the given string.</param>
/// <param name="scopes">Value of the scope claim.</param>
/// <param name="client_notification_token">Value of the client_notification_token claim; always emitted.</param>
/// <param name="binding_message">Value of the binding_message claim; always emitted.</param>
/// <param name="user_code">Value of the user_code claim; omitted when null or empty.</param>
/// <param name="requested_expiry">Value of the requested_expiry claim; omitted when null or empty.</param>
/// <param name="login_hint">Value of the login_hint claim; always emitted, even when null or empty.</param>
/// <param name="requestContextAndIntent">
/// Optional extra claims merged into the top level of the claim set; null adds
/// nothing. They are inserted with <c>Add</c>, so an entry whose key equals a
/// claim already present (iss, aud, exp, ...) throws ArgumentException. That
/// keeps caller-supplied entries from overriding the claims set above.
/// </param>
/// <param name="ecdsaX509FilePath">Path of the X.509 file holding the ES256 private key.</param>
/// <param name="ecdsaX509Password">
/// Password of that X.509 private key. It is passed as an ordinary string, so
/// callers should load it from protected configuration and keep it out of logs.
/// </param>
/// <returns>The signed request object returned by <c>JWS_ES256_X509.Create</c>.</returns>
/// <remarks>
/// No argument is validated here. NOTE(review): exp and nbf are strings and so
/// serialize as JSON strings, whereas RFC 7519 defines both as NumericDate (a
/// JSON number); confirm that the receiving endpoint accepts this form.
/// </remarks>
public static string CreateCiba(
    string iss, string aud, string exp, string nbf, string scopes,
    string client_notification_token, string binding_message,
    string user_code, string requested_expiry, string login_hint,
    Dictionary<string, object> requestContextAndIntent,
    string ecdsaX509FilePath, string ecdsaX509Password)
{
    // A variant taking an ECParameters private key was abandoned because
    // ECDsa.ExportParameters(true) did not work for the original author;
    // the certificate file and its password are used instead.

    // Collection-initializer entries compile to Add(), the same call the
    // optional claims below use, so any repeated claim name throws.
    var claims = new Dictionary<string, object>
    {
        { OAuth2AndOIDCConst.iss, iss },                          // client_id
        { OAuth2AndOIDCConst.aud, aud },                          // ROS endpoint URI
        { OAuth2AndOIDCConst.exp, exp },
        { OAuth2AndOIDCConst.iat, CmnJwtToken.CreateIatClaim() },
        { OAuth2AndOIDCConst.nbf, nbf },
        { OAuth2AndOIDCConst.jti, CmnJwtToken.CreateJitClaim() }, // fresh value on every call
        { OAuth2AndOIDCConst.scope, scopes },
        { OAuth2AndOIDCConst.client_notification_token, client_notification_token },
        { OAuth2AndOIDCConst.binding_message, binding_message }
    };

    // These two claims are emitted only when the caller supplied a value.
    if (!string.IsNullOrEmpty(user_code))
    {
        claims.Add(OAuth2AndOIDCConst.user_code, user_code);
    }

    if (!string.IsNullOrEmpty(requested_expiry))
    {
        claims.Add(OAuth2AndOIDCConst.requested_expiry, requested_expiry);
    }

    claims.Add(OAuth2AndOIDCConst.login_hint, login_hint);

    // Caller-defined claims go last; Add() rejects a key that is already present.
    if (requestContextAndIntent != null)
    {
        foreach (KeyValuePair<string, object> extra in requestContextAndIntent)
        {
            claims.Add(extra.Key, extra.Value);
        }
    }

    // Serialize first, then load the key, matching the original statement order.
    string payload = JsonConvert.SerializeObject(claims);

    var signer = new JWS_ES256_X509(ecdsaX509FilePath, ecdsaX509Password);
    return signer.Create(payload);
}