refactor(TokenDescription): Nach RSAKey verschoben, um unter RSAPrivateKey definiert werden zu können

DigitalData.Core.Security/Config/MappingProfile.cs

@@ -7,7 +7,7 @@ namespace DigitalData.Core.Security.Config
     {
         public MappingProfile()
         {
-            CreateMap<TokenDescription, SecurityTokenDescriptor>();
+            CreateMap<RSATokenDescriptor, SecurityTokenDescriptor>();
         }
     }
 }

DigitalData.Core.Security/Config/TokenParams.cs

@@ -2,6 +2,6 @@
 {
     public class TokenParams
     {
-        public required IEnumerable<TokenDescription> Descriptions { get; init; }
+        public required IEnumerable<RSATokenDescriptor> Descriptions { get; init; }
     }
 }

DigitalData.Core.Security/Cryptograph.cs

@@ -19,7 +19,7 @@ namespace DigitalData.Core.Security
 
         public IEnumerable<IAsymmetricPublicKey> PublicKeys => _lazyPublicKeys.Value;
 
-        public IEnumerable<TokenDescription> TokenDescriptions { get; init; } = new List<TokenDescription>();
+        public IEnumerable<RSATokenDescriptor> TokenDescriptions { get; init; } = new List<RSATokenDescriptor>();
 
         public Cryptograph(IOptions<CryptographParams> options, ILogger<Cryptograph>? logger = null) : base(options)
         {

DigitalData.Core.Security/DIExtensions.cs

@@ -67,7 +67,7 @@ namespace DigitalData.Core.Security
         public static IServiceCollection AddTokenParams(this IServiceCollection services, TokenParams tokenParams)
             => services.AddSingleton(Options.Create(tokenParams));
 
-        public static IServiceCollection AddTokenParams(this IServiceCollection services, params TokenDescription[] descriptions)
+        public static IServiceCollection AddTokenParams(this IServiceCollection services, params RSATokenDescriptor[] descriptions)
             => services.AddSingleton(Options.Create<TokenParams>(new() { Descriptions = descriptions }));
 
         public static IServiceCollection AddJwtSignatureHandler<TPrincipal>(this IServiceCollection services,

DigitalData.Core.Security/Extension.cs

@@ -85,13 +85,13 @@ namespace DigitalData.Core.Security
         internal static string ToTag(this DateOnly date, string format) => date.ToDateTime(new()).ToTag(format);
 
         /// <summary>
-        /// Maps a <see cref="TokenDescription"/> to a <see cref="SecurityTokenDescriptor"/>.
+        /// Maps a <see cref="RSATokenDescriptor"/> to a <see cref="SecurityTokenDescriptor"/>.
         /// </summary>
         /// <param name="mapper">The <see cref="IMapper"/> instance used for mapping.</param>
-        /// <param name="description">The <see cref="TokenDescription"/> instance to be mapped.</param>
+        /// <param name="description">The <see cref="RSATokenDescriptor"/> instance to be mapped.</param>
         /// <returns>A <see cref="SecurityTokenDescriptor"/> instance populated with the mapped values.</returns>
         /// <exception cref="ArgumentNullException">Thrown if <paramref name="mapper"/> or <paramref name="description"/> is <c>null</c>.</exception>
-        internal static SecurityTokenDescriptor Map(this IMapper mapper, TokenDescription description)
+        internal static SecurityTokenDescriptor Map(this IMapper mapper, RSATokenDescriptor description)
             => mapper.Map(description, new SecurityTokenDescriptor());
     }
 }

DigitalData.Core.Security/JwtSignatureHandler.cs

@@ -25,7 +25,7 @@ namespace DigitalData.Core.Security
             _cryptograph = cryptograph;
         }
 
-        public SecurityToken CreateToken(TPrincipal subject, TokenDescription description)
+        public SecurityToken CreateToken(TPrincipal subject, RSATokenDescriptor description)
         {
             var descriptor = _mapper.Map(description);
             descriptor.Claims = _claimDescriptor.CreateClaims?.Invoke(subject);
@@ -59,7 +59,7 @@ namespace DigitalData.Core.Security
 
         public string WriteToken(SecurityTokenDescriptor descriptor) => WriteToken(CreateToken(descriptor));
 
-        public string WriteToken(TPrincipal subject, TokenDescription description) => WriteToken(CreateToken(subject: subject, description: description));
+        public string WriteToken(TPrincipal subject, RSATokenDescriptor description) => WriteToken(CreateToken(subject: subject, description: description));
 
         public string WriteToken(TPrincipal subject, string issuer, string audience) => WriteToken(CreateToken(subject: subject, issuer: issuer, audience: audience));
 

DigitalData.Core.Security/RSAKey/RSAPrivateKey.cs

@@ -1,4 +1,5 @@
 using DigitalData.Core.Abstractions.Security;
+using DigitalData.Core.Security.Config;
 using Microsoft.IdentityModel.Tokens;
 using System.Security.Cryptography;
 
@@ -28,6 +29,12 @@ namespace DigitalData.Core.Security.RSAKey
 
         public IAsymmetricPublicKey PublicKey => _lazyPublicKey.Value;
 
+        private RSATokenDescriptor? _tokenDescriptor;
+
+        private readonly Lazy<RSATokenDescriptor?> _descLazyInitter;
+
+        public RSATokenDescriptor? TokenDescriptor { get => _descLazyInitter.Value; init => _tokenDescriptor = value; }
+
         public RSAPrivateKey()
         {
             _lazyPublicKey = new(() => new RSAPublicKey()
@@ -35,6 +42,17 @@ namespace DigitalData.Core.Security.RSAKey
                 Pem = RSA.ExportRSAPublicKeyPem(),
                 Padding = Padding
             });
+
+            _descLazyInitter = new(() =>
+            {
+                if(_tokenDescriptor is not null)
+                {
+                    _tokenDescriptor.Issuer = Issuer;
+                    _tokenDescriptor.Audience = Audience;
+                    _tokenDescriptor.SigningCredentials = CreateSigningCredentials();
+                }
+                return _tokenDescriptor;
+            });
         }
 
         public byte[] Decrypt(byte[] data) => RSA.Decrypt(data, Padding);

DigitalData.Core.Security/RSAKey/RSATokenDescriptor.cs

@@ -6,14 +6,14 @@ namespace DigitalData.Core.Security.Config
     /// <summary>
     /// Contains some information which used to create a security token. Designed to abstract <see cref="SecurityTokenDescriptor"/>
     /// </summary>
-    public class TokenDescription : IUniqueSecurityContext
+    public class RSATokenDescriptor : IUniqueSecurityContext
     {
         public string? ApiRoute { get; init; }
 
         /// <summary>
         /// Gets or sets the value of the 'audience' claim.
         /// </summary>
-        public new string Audience { get; set; }
+        public new string Audience { get; internal set; }
 
         /// <summary>
         /// Defines the compression algorithm that will be used to compress the JWT token payload.
@@ -33,7 +33,7 @@ namespace DigitalData.Core.Security.Config
         /// <summary>
         /// Gets or sets the issuer of this <see cref="ITokenDescription"/>.
         /// </summary>
-        public new string Issuer { get; set; }
+        public new string Issuer { get; internal set; }
 
         /// <summary>
         /// Gets or sets the time the security token was issued. This value should be in UTC.
@@ -82,7 +82,7 @@ namespace DigitalData.Core.Security.Config
         /// Specifies the signature algorithm to be applied to the <see cref="SigningCredentials"/>.
         /// Default is <see cref="SecurityAlgorithms.RsaSha256"/>.
         /// </summary>
-        public string SigningAlgorithm { get; init; } = SecurityAlgorithms.RsaSha256;
+        public string SigningAlgorithm { get; internal set; } = SecurityAlgorithms.RsaSha256;
 
         /// <summary>
         /// Optionally specifies the digest algorithm to be applied during the signing process for the <see cref="SigningCredentials"/>.