diff --git a/DigitalData.Core.Security/DIExtensions.cs b/DigitalData.Core.Security/DIExtensions.cs
index 8263afd..4d86c90 100644
--- a/DigitalData.Core.Security/DIExtensions.cs
+++ b/DigitalData.Core.Security/DIExtensions.cs
@@ -1,6 +1,5 @@
 using DigitalData.Core.Abstractions.Security;
 using DigitalData.Core.Security.Config;
-using DigitalData.Core.Security.RSAKey;
 using DigitalData.Core.Security.Services;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
diff --git a/DigitalData.Core.Security/JwtSignatureHandler.cs b/DigitalData.Core.Security/JwtSignatureHandler.cs
deleted file mode 100644
index 0938347..0000000
--- a/DigitalData.Core.Security/JwtSignatureHandler.cs
+++ /dev/null
@@ -1,40 +0,0 @@
-using AutoMapper;
-using DigitalData.Core.Abstractions.Security;
-using DigitalData.Core.Security.Config;
-using Microsoft.Extensions.Options;
-using Microsoft.IdentityModel.Tokens;
-using System.IdentityModel.Tokens.Jwt;
-
-namespace DigitalData.Core.Security
-{
-    public class JwtSignatureHandler : JwtSecurityTokenHandler, IJwtSignatureHandler
-    {
-        private readonly ClaimDescriptor _claimDescriptor;
-
-        private readonly IMapper _mapper;
-
-        private readonly ICryptoFactory _cryptoFactory;
-
-        public JwtSignatureHandler(IOptions> claimDescriptorOptions, IMapper mapper, ICryptoFactory cryptoFactory)
-        {
-            _claimDescriptor = claimDescriptorOptions.Value;
-            _mapper = mapper;
-            _cryptoFactory = cryptoFactory;
-        }
-
-        public SecurityToken CreateToken(TPrincipal subject, IAsymmetricTokenDescriptor descriptor)
-        {
-            var sDescriptor = _mapper.Map(descriptor);
-            sDescriptor.Claims = _claimDescriptor.CreateClaims?.Invoke(subject);
-            sDescriptor.Subject = _claimDescriptor.CreateSubject?.Invoke(subject);
-            return CreateToken(sDescriptor);
-        }
-
-        public SecurityToken CreateToken(TPrincipal subject, string issuer, string audience)
-        {
-            var descriptor = _cryptoFactory.TokenDescriptors.Get(issuer: issuer, audience: audience)
-                ?? throw new InvalidOperationException($"No or multiple token description found for issuer '{issuer}' and audience '{audience}'.");
-            return CreateToken(subject: subject, descriptor: descriptor);
-        }
-    }
-}
\ No newline at end of file
diff --git a/DigitalData.Core.Security/CryptoFactory.cs b/DigitalData.Core.Security/Services/CryptoFactory.cs
similarity index 95%
rename from DigitalData.Core.Security/CryptoFactory.cs
rename to DigitalData.Core.Security/Services/CryptoFactory.cs
index 8b44213..4596968 100644
--- a/DigitalData.Core.Security/CryptoFactory.cs
+++ b/DigitalData.Core.Security/Services/CryptoFactory.cs
@@ -1,17 +1,16 @@
 using DigitalData.Core.Abstractions.Security;
 using DigitalData.Core.Security.Config;
-using DigitalData.Core.Security.RSAKey;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
-
-namespace DigitalData.Core.Security;
+
+namespace DigitalData.Core.Security.Services;
 
 public class CryptoFactory : RSAFactory, ICryptoFactory, IAsymmetricKeyFactory
 {
     private readonly CryptoFactoryParams _params;
 
     public IEnumerable Decryptors { get; }
-
+
     /// 
     /// It is a separate decryptor for permanently stored encrypted data. It is assigned to the first Default decryptor by default.
     /// 
diff --git a/DigitalData.Core.Security/Services/JwtSignatureHandler.cs b/DigitalData.Core.Security/Services/JwtSignatureHandler.cs
new file mode 100644
index 0000000..64fd018
--- /dev/null
+++ b/DigitalData.Core.Security/Services/JwtSignatureHandler.cs
@@ -0,0 +1,39 @@
+using AutoMapper;
+using DigitalData.Core.Abstractions.Security;
+using DigitalData.Core.Security.Config;
+using Microsoft.Extensions.Options;
+using Microsoft.IdentityModel.Tokens;
+using System.IdentityModel.Tokens.Jwt;
+
+namespace DigitalData.Core.Security.Services;
+
+public class JwtSignatureHandler : JwtSecurityTokenHandler, IJwtSignatureHandler
+{
+    private readonly ClaimDescriptor _claimDescriptor;
+
+    private readonly IMapper _mapper;
+
+    private readonly ICryptoFactory _cryptoFactory;
+
+    public JwtSignatureHandler(IOptions> claimDescriptorOptions, IMapper mapper, ICryptoFactory cryptoFactory)
+    {
+        _claimDescriptor = claimDescriptorOptions.Value;
+        _mapper = mapper;
+        _cryptoFactory = cryptoFactory;
+    }
+
+    public SecurityToken CreateToken(TPrincipal subject, IAsymmetricTokenDescriptor descriptor)
+    {
+        var sDescriptor = _mapper.Map(descriptor);
+        sDescriptor.Claims = _claimDescriptor.CreateClaims?.Invoke(subject);
+        sDescriptor.Subject = _claimDescriptor.CreateSubject?.Invoke(subject);
+        return CreateToken(sDescriptor);
+    }
+
+    public SecurityToken CreateToken(TPrincipal subject, string issuer, string audience)
+    {
+        var descriptor = _cryptoFactory.TokenDescriptors.Get(issuer: issuer, audience: audience)
+            ?? throw new InvalidOperationException($"No or multiple token description found for issuer '{issuer}' and audience '{audience}'.");
+        return CreateToken(subject: subject, descriptor: descriptor);
+    }
+}
\ No newline at end of file
diff --git a/DigitalData.Core.Security/RSAKey/RSAFactory.cs b/DigitalData.Core.Security/Services/RSAFactory.cs
similarity index 96%
rename from DigitalData.Core.Security/RSAKey/RSAFactory.cs
rename to DigitalData.Core.Security/Services/RSAFactory.cs
index ebf3490..27b50b4 100644
--- a/DigitalData.Core.Security/RSAKey/RSAFactory.cs
+++ b/DigitalData.Core.Security/Services/RSAFactory.cs
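Review bot: In the moved JwtSignatureHandler, CreateToken(TPrincipal, IAsymmetricTokenDescriptor) assigns `sDescriptor.Claims` and `sDescriptor.Subject` from null-conditional invocations, so a ClaimDescriptor with neither CreateClaims nor CreateSubject configured still yields a signed token that carries no principal claims; the relocation keeps that behavior as it was. A guard after the two assignments, `if (sDescriptor.Subject is null && sDescriptor.Claims is null) throw new InvalidOperationException("ClaimDescriptor defines neither CreateClaims nor CreateSubject.");`, would surface the misconfiguration at issuance instead of producing an anonymous token. The constructor also dereferences `claimDescriptorOptions.Value` without `ArgumentNullException.ThrowIfNull(claimDescriptorOptions);` (.NET 6+), which turns a DI misregistration into a NullReferenceException rather than a named argument error. The generic arguments on the class declaration, the `IOptions<...>` parameter and `_mapper.Map<...>(...)` appear stripped in this rendering, so the points above refer to the lines as visible here.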
@@ -1,8 +1,9 @@
 using DigitalData.Core.Abstractions.Security;
 using DigitalData.Core.Security.Config;
+using DigitalData.Core.Security.RSAKey;
 using System.Security.Cryptography;
 
-namespace DigitalData.Core.Security.RSAKey;
+namespace DigitalData.Core.Security.Services;
 
 public class RSAFactory : IAsymmetricKeyFactory
 {