From ce716d2bab34ba186850858fecc34f148e9d5e06 Mon Sep 17 00:00:00 2001 From: Developer 02 Date: Fri, 20 Dec 2024 00:08:31 +0100 Subject: [PATCH] =?UTF-8?q?feat(TokenDescription):=20Erstellt=20als=20eing?= =?UTF-8?q?eschr=C3=A4nkte=20Version=20von=20SecurityTokenDescriptor=20als?= =?UTF-8?q?=20Wurzelbeschreibungen=20ohne=20Anspr=C3=BCche?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Config/AsymCryptParams.cs | 2 + .../Config/TokenDescription.cs | 73 +++++++++++++++++++ .../DigitalData.Core.Security.csproj | 1 + 3 files changed, 76 insertions(+) create mode 100644 DigitalData.Core.Security/Config/TokenDescription.cs diff --git a/DigitalData.Core.Security/Config/AsymCryptParams.cs b/DigitalData.Core.Security/Config/AsymCryptParams.cs index 7547f50..598ee96 100644 --- a/DigitalData.Core.Security/Config/AsymCryptParams.cs +++ b/DigitalData.Core.Security/Config/AsymCryptParams.cs @@ -55,6 +55,8 @@ namespace DigitalData.Core.Security.Config public IEnumerable Decryptors { get; init; } = new List(); + public IEnumerable TokenDescriptions { get; init; } = new List(); + public RSADecryptor? Vault { get; init; } public AsymCryptParams() => AfterCreate += () => diff --git a/DigitalData.Core.Security/Config/TokenDescription.cs b/DigitalData.Core.Security/Config/TokenDescription.cs new file mode 100644 index 0000000..a039eba --- /dev/null +++ b/DigitalData.Core.Security/Config/TokenDescription.cs 
@@ -0,0 +1,73 @@
+using Microsoft.IdentityModel.Tokens;
+
+namespace DigitalData.Core.Security.Config
+{
+ ///
+ /// Contains some information which used to create a security token. Designed to abstract
+ ///
+ public class TokenDescription
+ {
+ ///
+ /// Gets or sets the value of the 'audience' claim.
+ ///
+ public string Audience { get; set; }
+
+ ///
+ /// Defines the compression algorithm that will be used to compress the JWT token payload.
+ ///
+ public string CompressionAlgorithm { get; set; }
+
+ ///
+ /// Gets or sets the used to create a encrypted security token.
+ ///
+ public EncryptingCredentials EncryptingCredentials { get; set; }
+
+ ///
+ /// Gets or sets the value of the 'expiration' claim. This value should be in UTC.
+ ///
+ public DateTime? Expires { get; set; }
+
+ ///
+ /// Gets or sets the issuer of this .
+ ///
+ public string Issuer { get; set; }
+
+ ///
+ /// Gets or sets the time the security token was issued. This value should be in UTC.
+ ///
+ public DateTime? IssuedAt { get; set; }
+
+ ///
+ /// Gets or sets the notbefore time for the security token. This value should be in UTC.
+ ///
+ public DateTime? NotBefore { get; set; }
+
+ ///
+ /// Gets or sets the token type.
+ /// If provided, this will be added as the value for the 'typ' header parameter. In the case of a JWE, this will be added to both the inner (JWS) and the outer token (JWE) header. By default, the value used is 'JWT'.
+ /// If also contains 'typ' header claim value, it will override the TokenType provided here.
+ /// This value is used only for JWT tokens and not for SAML/SAML2 tokens
+ ///
+ public string TokenType { get; set; }
+
+ ///
+ /// Gets or sets the which contains any custom header claims that need to be added to the JWT token header.
+ /// The 'alg', 'kid', 'x5t', 'enc', and 'zip' claims are added by default based on the ,
+ /// , and/or provided and SHOULD NOT be included in this dictionary as this
+ /// will result in an exception being thrown.
+ /// These claims are only added to the outer header (in case of a JWE).
+ ///
+ public IDictionary AdditionalHeaderClaims { get; set; }
+
+ ///
+ /// Gets or sets the which contains any custom header claims that need to be added to the inner JWT token header.
+ /// The 'alg', 'kid', 'x5t', 'enc', and 'zip' claims are added by default based on the ,
+ /// , and/or provided and SHOULD NOT be included in this dictionary as this
+ /// will result in an exception being thrown.
+ ///
+ /// For JsonWebTokenHandler, these claims are merged with while adding to the inner JWT header.
+ ///
+ ///
+ public IDictionary AdditionalInnerHeaderClaims { get; set; }
+ }
+}
\ No newline at end of file
diff --git a/DigitalData.Core.Security/DigitalData.Core.Security.csproj b/DigitalData.Core.Security/DigitalData.Core.Security.csproj
index cdc5043..b2e980c 100644
--- a/DigitalData.Core.Security/DigitalData.Core.Security.csproj
+++ b/DigitalData.Core.Security/DigitalData.Core.Security.csproj
@@ -7,6 +7,7 @@ +
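Review bot: In TokenDescription.cs, `Audience` and `Issuer` are declared as non-nullable `string` with a public setter, no initializer and no validation, so a description filled from incomplete configuration may reach token creation with null values and produce tokens that carry no `iss` or `aud` for a validator to check. AsymCryptParams.cs in this same patch uses `init` accessors and a `?` annotation, so the new class could follow that style, e.g. `public string? Issuer { get; init; }`, with the code that builds the descriptor rejecting a missing issuer or audience. `Expires`, `IssuedAt` and `NotBefore` are absolute `DateTime?` values; if these descriptions are loaded once from configuration (not visible in this hunk), every issued token would share the same timestamps, and a lifetime expressed as a `TimeSpan` would be the safer shape. The class exposes `EncryptingCredentials` but nothing for signing, so the class summary should state where the signing key comes from.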