From 211064d44ee40e2bf8650b98ad7cb9e126c353ec Mon Sep 17 00:00:00 2001 From: Developer 02 Date: Thu, 9 Jan 2025 23:25:17 +0100 Subject: [PATCH] =?UTF-8?q?refactor(RSATokenDescriptor):=20Standard-Id=20m?= =?UTF-8?q?it=20Issuer=20und=20Audience=20hinzugef=C3=BCgt.=20=20-=20Issue?= =?UTF-8?q?r=20und=20Audience=20erforderlich=20gemacht.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Config/CryptoFactoryParams.cs | 7 +++++++ DigitalData.Core.Security/RSAKey/RSAKeyBase.cs | 14 ++++---------- .../RSAKey/RSATokenDescriptor.cs | 10 ++++++++-- 3 files changed, 19 insertions(+), 12 deletions(-) diff --git a/DigitalData.Core.Security/Config/CryptoFactoryParams.cs b/DigitalData.Core.Security/Config/CryptoFactoryParams.cs index b64e8d3..2ca73fb 100644 --- a/DigitalData.Core.Security/Config/CryptoFactoryParams.cs +++ b/DigitalData.Core.Security/Config/CryptoFactoryParams.cs @@ -47,6 +47,13 @@ namespace DigitalData.Core.Security.Config public CryptoFactoryParams() { + // set defaults + if (VaultDecryptor is not null) + VaultDecryptor.Id = "vault"; + + foreach (var descriptor in TokenDescriptors) + descriptor.IdSeparator = FileNameSeparator; + // init decryptors AfterCreate += () => { diff --git a/DigitalData.Core.Security/RSAKey/RSAKeyBase.cs b/DigitalData.Core.Security/RSAKey/RSAKeyBase.cs index 97085a2..045b92e 100644 --- a/DigitalData.Core.Security/RSAKey/RSAKeyBase.cs +++ b/DigitalData.Core.Security/RSAKey/RSAKeyBase.cs 
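Review bot: The defaults added at the top of the `CryptoFactoryParams()` constructor run before any object initializer or configuration binder has assigned `VaultDecryptor`, `TokenDescriptors` or `FileNameSeparator`. Unless those properties have initializers outside this hunk, the `if` is always false and the `foreach` sees no descriptors (or a null collection). The `AfterCreate += () =>` handler directly below looks like the post-binding hook; moving both assignments into it would make each descriptor's `IdSeparator` follow the configured `FileNameSeparator`. As written, descriptors would presumably keep the built-in `"_-_"`, and their derived `Id` could then disagree with the key file names. The constructor body continues outside the hunk.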
@@ -1,22 +1,16 @@ using DigitalData.Core.Abstractions.Security; -using Microsoft.IdentityModel.Tokens; using System.Security.Cryptography; namespace DigitalData.Core.Security.RSAKey { public class RSAKeyBase : IAsymmetricKey { +#pragma warning disable CS8618 // Non-nullable field must contain a non-null value when exiting constructor. Consider declaring as nullable. public virtual string Content { get; init; } - - protected virtual RSA RSA { get; } = RSA.Create(); - - public string Id { get; init; } -#pragma warning disable CS8618 // Non-nullable field must contain a non-null value when exiting constructor. Consider declaring as nullable. - internal RSAKeyBase() - { - - } + public virtual string Id { get; internal set; } #pragma warning restore CS8618 // Non-nullable field must contain a non-null value when exiting constructor. Consider declaring as nullable. + + protected virtual RSA RSA { get; } = RSA.Create(); } } \ No newline at end of file diff --git a/DigitalData.Core.Security/RSAKey/RSATokenDescriptor.cs b/DigitalData.Core.Security/RSAKey/RSATokenDescriptor.cs index b76c5f4..7fa5e75 100644 --- a/DigitalData.Core.Security/RSAKey/RSATokenDescriptor.cs +++ b/DigitalData.Core.Security/RSAKey/RSATokenDescriptor.cs @@ -8,13 +8,19 @@ namespace DigitalData.Core.Security.RSAKey /// public class RSATokenDescriptor : RSAPrivateKey, IAsymmetricTokenDescriptor { + internal string IdSeparator { get; set; } = "_-_"; + + private string? _id; + + public override string Id { get => _id ?? $"{Issuer}{IdSeparator}{Audience}"; internal set => _id = value; } + public string? ApiRoute { get; init; } #region SecurityTokenDescriptor Map /// /// Gets or sets the value of the 'audience' claim. /// - public string Audience { get; set; } + public required string Audience { get; set; } /// /// Defines the compression algorithm that will be used to compress the JWT token payload. 
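Review bot: `Id` on `RSAKeyBase` changes from `init` to `internal set` under the widened `#pragma warning disable CS8618`, so a key's identifier can now be null and can be reassigned anywhere inside the assembly after the key is in use. Dropping the `internal RSAKeyBase()` constructor also leaves the implicit public one, so other assemblies can create a base key with neither `Content` nor `Id` set. If the setter exists only for the `"vault"` default in `CryptoFactoryParams`, a comment such as `// set once by CryptoFactoryParams; treat as immutable afterwards` would document that. Marking `Content` as `required`, as this commit already does for `Issuer` and `Audience`, would remove the need for the suppression on that property.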
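Review bot: The fallback `Id` in `RSATokenDescriptor` is a plain concatenation, `$"{Issuer}{IdSeparator}{Audience}"`, which is neither unique nor safe as a name. Issuer `a_-_b` with audience `c` and issuer `a` with audience `b_-_c` produce the same Id, and issuers are often URLs containing `/` and `:`. Since `IdSeparator` is fed from `FileNameSeparator`, the Id appears to end up in key file names, so both values should be validated (reject the separator and anything in `Path.GetInvalidFileNameChars()`) or encoded before they are combined. `required` on `Audience` here and on `Issuer` in the next hunk is checked only by the compiler at construction sites. If descriptors come from a binder that ignores it (worth confirming), a null pair still yields the Id `_-_`, so a runtime null/empty check is worth adding.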
@@ -34,7 +40,7 @@ namespace DigitalData.Core.Security.RSAKey /// /// Gets or sets the issuer of this . /// - public string Issuer { get; set; } + public required string Issuer { get; set; } /// /// Gets or sets the time the security token was issued. This value should be in UTC.