diff --git a/DigitalData.Core.Abstractions/Security/IAsymmetricTokenDescriptor.cs b/DigitalData.Core.Abstractions/Security/IAsymmetricTokenDescriptor.cs
index a168786..ae409b0 100644
--- a/DigitalData.Core.Abstractions/Security/IAsymmetricTokenDescriptor.cs
+++ b/DigitalData.Core.Abstractions/Security/IAsymmetricTokenDescriptor.cs
@@ -2,12 +2,71 @@
namespace DigitalData.Core.Abstractions.Security
{
+ ///
+ /// Contains some information which used to create a security token. Designed to abstract
+ ///
public interface IAsymmetricTokenDescriptor : IAsymmetricPrivateKey, IUniqueSecurityContext
{
string? ApiRoute { get; }
- SecurityKey SecurityKey { get; }
+ #region SecurityTokenDescriptor Map
+ ///
+ /// Defines the compression algorithm that will be used to compress the JWT token payload.
+ ///
+ public string CompressionAlgorithm { get; }
- SigningCredentials SigningCredentials { get; }
+ ///
+ /// Gets or sets the used to create a encrypted security token.
+ ///
+ public EncryptingCredentials EncryptingCredentials { get; }
+
+ ///
+ /// Gets or sets the value of the 'expiration' claim. This value should be in UTC.
+ ///
+ public DateTime? Expires { get; }
+
+ ///
+ /// Gets or sets the time the security token was issued. This value should be in UTC.
+ ///
+ public DateTime? IssuedAt { get; }
+
+ ///
+ /// Gets or sets the notbefore time for the security token. This value should be in UTC.
+ ///
+ public DateTime? NotBefore { get; }
+
+ ///
+ /// Gets or sets the token type.
+ /// If provided, this will be added as the value for the 'typ' header parameter. In the case of a JWE, this will be added to both the inner (JWS) and the outer token (JWE) header. By default, the value used is 'JWT'.
+ /// If also contains 'typ' header claim value, it will override the TokenType provided here.
+ /// This value is used only for JWT tokens and not for SAML/SAML2 tokens
+ ///
+ public string TokenType { get; }
+
+ ///
+ /// Gets or sets the which contains any custom header claims that need to be added to the JWT token header.
+ /// The 'alg', 'kid', 'x5t', 'enc', and 'zip' claims are added by default based on the ,
+ /// , and/or provided and SHOULD NOT be included in this dictionary as this
+ /// will result in an exception being thrown.
+ /// These claims are only added to the outer header (in case of a JWE).
+ ///
+ public IDictionary AdditionalHeaderClaims { get; }
+
+ ///
+ /// Gets or sets the which contains any custom header claims that need to be added to the inner JWT token header.
+ /// The 'alg', 'kid', 'x5t', 'enc', and 'zip' claims are added by default based on the ,
+ /// , and/or provided and SHOULD NOT be included in this dictionary as this
+ /// will result in an exception being thrown.
+ ///
+ /// For JsonWebTokenHandler, these claims are merged with while adding to the inner JWT header.
+ ///
+ ///
+ public IDictionary AdditionalInnerHeaderClaims { get; }
+
+ ///
+ /// Gets or sets the used to create a security token.
+ ///
+ public SigningCredentials SigningCredentials { get; }
+ #endregion SecurityTokenDescriptor
}
}
\ No newline at end of file
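Review bot: Every member added in the `SecurityTokenDescriptor Map` region is declared non-nullable (`string CompressionAlgorithm`, `EncryptingCredentials EncryptingCredentials`, `string TokenType`), although the interface already uses nullable annotations (`string? ApiRoute`) and compression, encryption and token type are optional on a token descriptor. Declare the optional ones nullable, e.g. `EncryptingCredentials? EncryptingCredentials { get; }` and `string? CompressionAlgorithm { get; }`, so implementers are not pushed towards `null!`. Keep `SigningCredentials` non-nullable and state the contract in its summary, e.g. `/// Must not be null; tokens built from this descriptor are expected to be signed.` The code that copies these values onto a `SecurityTokenDescriptor` is not in this hunk, but if it does so, a null signing credential would most likely produce an unsigned token, so that code should reject null. The summaries also say "Gets or sets" on get-only members, and the interface summary stops mid-sentence at "Designed to abstract".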
diff --git a/DigitalData.Core.Security/RSAKey/RSATokenDescriptor.cs b/DigitalData.Core.Security/RSAKey/RSATokenDescriptor.cs
index bec51c3..c6a3620 100644
--- a/DigitalData.Core.Security/RSAKey/RSATokenDescriptor.cs
+++ b/DigitalData.Core.Security/RSAKey/RSATokenDescriptor.cs
@@ -1,6 +1,5 @@
using DigitalData.Core.Abstractions.Security;
using Microsoft.IdentityModel.Tokens;
-using System.Security.Cryptography;
namespace DigitalData.Core.Security.RSAKey
{