AppStd/DigitalData.Core
Template
8
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

refactor(TokenDescription): Nach RSAKey verschoben, um unter RSAPrivateKey definiert werden zu können

Browse Source
This commit is contained in:
Developer 02 2025-01-07 13:22:45 +01:00
parent b5cecac745
commit 09a31b5a3d
8 changed files with 31 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
DigitalData.Core.Security/Config/MappingProfile.cs
View File

@ -7,7 +7,7 @@ namespace DigitalData.Core.Security.Config
{ {
public MappingProfile() public MappingProfile()
{ {
CreateMap<TokenDescription, SecurityTokenDescriptor>(); CreateMap<RSATokenDescriptor, SecurityTokenDescriptor>();
} }
} }
} }

2
DigitalData.Core.Security/Config/TokenParams.cs
View File

@ -2,6 +2,6 @@
{ {
public class TokenParams public class TokenParams
{ {
public required IEnumerable<TokenDescription> Descriptions { get; init; } public required IEnumerable<RSATokenDescriptor> Descriptions { get; init; }
} }
} }

2
DigitalData.Core.Security/Cryptograph.cs
View File

@ -19,7 +19,7 @@ namespace DigitalData.Core.Security
public IEnumerable<IAsymmetricPublicKey> PublicKeys => _lazyPublicKeys.Value; public IEnumerable<IAsymmetricPublicKey> PublicKeys => _lazyPublicKeys.Value;
public IEnumerable<TokenDescription> TokenDescriptions { get; init; } = new List<TokenDescription>(); public IEnumerable<RSATokenDescriptor> TokenDescriptions { get; init; } = new List<RSATokenDescriptor>();
public Cryptograph(IOptions<CryptographParams> options, ILogger<Cryptograph>? logger = null) : base(options) public Cryptograph(IOptions<CryptographParams> options, ILogger<Cryptograph>? logger = null) : base(options)
{ {

2
DigitalData.Core.Security/DIExtensions.cs
View File

@ -67,7 +67,7 @@ namespace DigitalData.Core.Security
public static IServiceCollection AddTokenParams(this IServiceCollection services, TokenParams tokenParams) public static IServiceCollection AddTokenParams(this IServiceCollection services, TokenParams tokenParams)
=> services.AddSingleton(Options.Create(tokenParams)); => services.AddSingleton(Options.Create(tokenParams));
public static IServiceCollection AddTokenParams(this IServiceCollection services, params TokenDescription[] descriptions) public static IServiceCollection AddTokenParams(this IServiceCollection services, params RSATokenDescriptor[] descriptions)
=> services.AddSingleton(Options.Create<TokenParams>(new() { Descriptions = descriptions })); => services.AddSingleton(Options.Create<TokenParams>(new() { Descriptions = descriptions }));
public static IServiceCollection AddJwtSignatureHandler<TPrincipal>(this IServiceCollection services, public static IServiceCollection AddJwtSignatureHandler<TPrincipal>(this IServiceCollection services,

6
DigitalData.Core.Security/Extension.cs
View File

@ -85,13 +85,13 @@ namespace DigitalData.Core.Security
internal static string ToTag(this DateOnly date, string format) => date.ToDateTime(new()).ToTag(format); internal static string ToTag(this DateOnly date, string format) => date.ToDateTime(new()).ToTag(format);
/// <summary> /// <summary>
/// Maps a <see cref="TokenDescription"/> to a <see cref="SecurityTokenDescriptor"/>. /// Maps a <see cref="RSATokenDescriptor"/> to a <see cref="SecurityTokenDescriptor"/>.
/// </summary> /// </summary>
/// <param name="mapper">The <see cref="IMapper"/> instance used for mapping.</param> /// <param name="mapper">The <see cref="IMapper"/> instance used for mapping.</param>
/// <param name="description">The <see cref="TokenDescription"/> instance to be mapped.</param> /// <param name="description">The <see cref="RSATokenDescriptor"/> instance to be mapped.</param>
/// <returns>A <see cref="SecurityTokenDescriptor"/> instance populated with the mapped values.</returns> /// <returns>A <see cref="SecurityTokenDescriptor"/> instance populated with the mapped values.</returns>
/// <exception cref="ArgumentNullException">Thrown if <paramref name="mapper"/> or <paramref name="description"/> is <c>null</c>.</exception> /// <exception cref="ArgumentNullException">Thrown if <paramref name="mapper"/> or <paramref name="description"/> is <c>null</c>.</exception>
internal static SecurityTokenDescriptor Map(this IMapper mapper, TokenDescription description) internal static SecurityTokenDescriptor Map(this IMapper mapper, RSATokenDescriptor description)
=> mapper.Map(description, new SecurityTokenDescriptor()); => mapper.Map(description, new SecurityTokenDescriptor());
} }
} }

4
DigitalData.Core.Security/JwtSignatureHandler.cs
View File

@ -25,7 +25,7 @@ namespace DigitalData.Core.Security
_cryptograph = cryptograph; _cryptograph = cryptograph;
} }
public SecurityToken CreateToken(TPrincipal subject, TokenDescription description) public SecurityToken CreateToken(TPrincipal subject, RSATokenDescriptor description)
{ {
var descriptor = _mapper.Map(description); var descriptor = _mapper.Map(description);
descriptor.Claims = _claimDescriptor.CreateClaims?.Invoke(subject); descriptor.Claims = _claimDescriptor.CreateClaims?.Invoke(subject);
@ -59,7 +59,7 @@ namespace DigitalData.Core.Security
public string WriteToken(SecurityTokenDescriptor descriptor) => WriteToken(CreateToken(descriptor)); public string WriteToken(SecurityTokenDescriptor descriptor) => WriteToken(CreateToken(descriptor));
public string WriteToken(TPrincipal subject, TokenDescription description) => WriteToken(CreateToken(subject: subject, description: description)); public string WriteToken(TPrincipal subject, RSATokenDescriptor description) => WriteToken(CreateToken(subject: subject, description: description));
public string WriteToken(TPrincipal subject, string issuer, string audience) => WriteToken(CreateToken(subject: subject, issuer: issuer, audience: audience)); public string WriteToken(TPrincipal subject, string issuer, string audience) => WriteToken(CreateToken(subject: subject, issuer: issuer, audience: audience));

18
DigitalData.Core.Security/RSAKey/RSAPrivateKey.cs
View File

@ -1,4 +1,5 @@
using DigitalData.Core.Abstractions.Security; using DigitalData.Core.Abstractions.Security;
using DigitalData.Core.Security.Config;
using Microsoft.IdentityModel.Tokens; using Microsoft.IdentityModel.Tokens;
using System.Security.Cryptography; using System.Security.Cryptography;
@ -28,6 +29,12 @@ namespace DigitalData.Core.Security.RSAKey
public IAsymmetricPublicKey PublicKey => _lazyPublicKey.Value; public IAsymmetricPublicKey PublicKey => _lazyPublicKey.Value;
private RSATokenDescriptor? _tokenDescriptor;
private readonly Lazy<RSATokenDescriptor?> _descLazyInitter;
public RSATokenDescriptor? TokenDescriptor { get => _descLazyInitter.Value; init => _tokenDescriptor = value; }
public RSAPrivateKey() public RSAPrivateKey()
{ {
_lazyPublicKey = new(() => new RSAPublicKey() _lazyPublicKey = new(() => new RSAPublicKey()
@ -35,6 +42,17 @@ namespace DigitalData.Core.Security.RSAKey
Pem = RSA.ExportRSAPublicKeyPem(), Pem = RSA.ExportRSAPublicKeyPem(),
Padding = Padding Padding = Padding
}); });
_descLazyInitter = new(() =>
{
if(_tokenDescriptor is not null)
{
_tokenDescriptor.Issuer = Issuer;
_tokenDescriptor.Audience = Audience;
_tokenDescriptor.SigningCredentials = CreateSigningCredentials();
}
return _tokenDescriptor;
});
} }
public byte[] Decrypt(byte[] data) => RSA.Decrypt(data, Padding); public byte[] Decrypt(byte[] data) => RSA.Decrypt(data, Padding);

8
DigitalData.Core.Security/Config/TokenDescription.cs → DigitalData.Core.Security/RSAKey/RSATokenDescriptor.cs
View File

@ -6,14 +6,14 @@ namespace DigitalData.Core.Security.Config
/// <summary> /// <summary>
/// Contains some information which used to create a security token. Designed to abstract <see cref="SecurityTokenDescriptor"/> /// Contains some information which used to create a security token. Designed to abstract <see cref="SecurityTokenDescriptor"/>
/// </summary> /// </summary>
public class TokenDescription : IUniqueSecurityContext public class RSATokenDescriptor : IUniqueSecurityContext
{ {
public string? ApiRoute { get; init; } public string? ApiRoute { get; init; }
/// <summary> /// <summary>
/// Gets or sets the value of the 'audience' claim. /// Gets or sets the value of the 'audience' claim.
/// </summary> /// </summary>
public new string Audience { get; set; } public new string Audience { get; internal set; }
/// <summary> /// <summary>
/// Defines the compression algorithm that will be used to compress the JWT token payload. /// Defines the compression algorithm that will be used to compress the JWT token payload.
@ -33,7 +33,7 @@ namespace DigitalData.Core.Security.Config
/// <summary> /// <summary>
/// Gets or sets the issuer of this <see cref="ITokenDescription"/>. /// Gets or sets the issuer of this <see cref="ITokenDescription"/>.
/// </summary> /// </summary>
public new string Issuer { get; set; } public new string Issuer { get; internal set; }
/// <summary> /// <summary>
/// Gets or sets the time the security token was issued. This value should be in UTC. /// Gets or sets the time the security token was issued. This value should be in UTC.
@ -82,7 +82,7 @@ namespace DigitalData.Core.Security.Config
/// Specifies the signature algorithm to be applied to the <see cref="SigningCredentials"/>. /// Specifies the signature algorithm to be applied to the <see cref="SigningCredentials"/>.
/// Default is <see cref="SecurityAlgorithms.RsaSha256"/>. /// Default is <see cref="SecurityAlgorithms.RsaSha256"/>.
/// </summary> /// </summary>
public string SigningAlgorithm { get; init; } = SecurityAlgorithms.RsaSha256; public string SigningAlgorithm { get; internal set; } = SecurityAlgorithms.RsaSha256;
/// <summary> /// <summary>
/// Optionally specifies the digest algorithm to be applied during the signing process for the <see cref="SigningCredentials"/>. /// Optionally specifies the digest algorithm to be applied during the signing process for the <see cref="SigningCredentials"/>.