fix(JwtSignatureHandler): Aktualisierte Methoden, um IAsymmetricTokenDescriptor verwenden zu können

Developer 02 2025-01-09 19:54:05 +01:00
parent 3761c13dba
commit d98b3f2867
2 changed files with 17 additions and 14 deletions


@ -6,6 +6,8 @@ namespace DigitalData.Core.Abstractions.Security
{ {
SecurityToken CreateToken(SecurityTokenDescriptor tokenDescriptor); SecurityToken CreateToken(SecurityTokenDescriptor tokenDescriptor);
SecurityToken CreateToken(TPrincipal subject, IAsymmetricTokenDescriptor descriptor);
SecurityToken CreateToken(TPrincipal subject, string issuer, string audience); SecurityToken CreateToken(TPrincipal subject, string issuer, string audience);
SecurityToken CreateToken(TPrincipal subject, string apiRoute); SecurityToken CreateToken(TPrincipal subject, string apiRoute);
@ -14,6 +16,8 @@ namespace DigitalData.Core.Abstractions.Security
string WriteToken(SecurityTokenDescriptor descriptor); string WriteToken(SecurityTokenDescriptor descriptor);
string WriteToken(TPrincipal subject, IAsymmetricTokenDescriptor descriptor);
string WriteToken(TPrincipal subject, string issuer, string audience); string WriteToken(TPrincipal subject, string issuer, string audience);
string WriteToken(TPrincipal subject, string apiRoute); string WriteToken(TPrincipal subject, string apiRoute);
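Review bot: The new `CreateToken(TPrincipal subject, IAsymmetricTokenDescriptor descriptor)` and `WriteToken(TPrincipal subject, IAsymmetricTokenDescriptor descriptor)` members are added to a public security abstraction without any doc comment, so implementers and callers have no stated contract for them. I would add a summary such as `/// <summary>Creates a token for <paramref name="subject"/> from the given asymmetric token descriptor.</summary>` to each. The issuer/audience and apiRoute overloads should also carry `/// <exception cref="InvalidOperationException">No matching token descriptor was found.</exception>`, which is what the implementation in this commit throws. The interface declaration starts and ends outside the visible hunks, so any existing type-level documentation is not visible here.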


@ -1,7 +1,6 @@
using AutoMapper; using AutoMapper;
using DigitalData.Core.Abstractions.Security; using DigitalData.Core.Abstractions.Security;
using DigitalData.Core.Security.Config; using DigitalData.Core.Security.Config;
using DigitalData.Core.Security.RSAKey;
using Microsoft.Extensions.Options; using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens; using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt; using System.IdentityModel.Tokens.Jwt;
@ -23,36 +22,36 @@ namespace DigitalData.Core.Security
_cryptograph = cryptograph; _cryptograph = cryptograph;
} }
public SecurityToken CreateToken(TPrincipal subject, RSAPrivateKey key) public SecurityToken CreateToken(TPrincipal subject, IAsymmetricTokenDescriptor descriptor)
{ {
if(key.TokenDescriptor is null) var sDescriptor = _mapper.Map(descriptor);
throw new InvalidOperationException($"No descriptor found for issuer '{key.Issuer}' and audience '{key.Audience}'."); sDescriptor.Claims = _claimDescriptor.CreateClaims?.Invoke(subject);
var descriptor = _mapper.Map(key.TokenDescriptor); sDescriptor.Subject = _claimDescriptor.CreateSubject?.Invoke(subject);
descriptor.Claims = _claimDescriptor.CreateClaims?.Invoke(subject); return CreateToken(sDescriptor);
descriptor.Subject = _claimDescriptor.CreateSubject?.Invoke(subject);
return CreateToken(descriptor);
} }
public SecurityToken CreateToken(TPrincipal subject, string issuer, string audience) public SecurityToken CreateToken(TPrincipal subject, string issuer, string audience)
{ {
var key = _cryptograph.Decryptors?.Get(issuer: issuer, audience: audience) var descriptor = _cryptograph.TokenDescriptors.Get(issuer: issuer, audience: audience)
?? throw new InvalidOperationException($"No or multiple token description found for issuer '{issuer}' and audience '{audience}'."); ?? throw new InvalidOperationException($"No or multiple token description found for issuer '{issuer}' and audience '{audience}'.");
return CreateToken(subject: subject, key: (RSAPrivateKey)key); return CreateToken(subject: subject, descriptor: descriptor);
} }
public SecurityToken CreateToken(TPrincipal subject, string apiRoute) public SecurityToken CreateToken(TPrincipal subject, string apiRoute)
{ {
var key = _cryptograph.Decryptors.SingleOrDefault(key => ((RSAPrivateKey)key).TokenDescriptor?.ApiRoute == apiRoute) var desc = _cryptograph.TokenDescriptors.SingleOrDefault(desc => desc.ApiRoute == apiRoute)
?? throw new InvalidOperationException($"No or multiple token description found for api route '{apiRoute}'."); ?? throw new InvalidOperationException($"No or multiple token description found for api route '{apiRoute}'.");
return CreateToken(subject: subject, key: (RSAPrivateKey)key); return CreateToken(subject: subject, descriptor: desc);
} }
public string WriteToken(SecurityTokenDescriptor descriptor) => WriteToken(CreateToken(descriptor)); public string WriteToken(SecurityTokenDescriptor descriptor) => WriteToken(CreateToken(descriptor));
public string WriteToken(TPrincipal subject, RSAPrivateKey key) => WriteToken(CreateToken(subject: subject, key: key)); public string WriteToken(TPrincipal subject, IAsymmetricTokenDescriptor descriptor)
=> WriteToken(CreateToken(subject: subject, descriptor: descriptor));
public string WriteToken(TPrincipal subject, string issuer, string audience) => WriteToken(CreateToken(subject: subject, issuer: issuer, audience: audience)); public string WriteToken(TPrincipal subject, string issuer, string audience)
=> WriteToken(CreateToken(subject: subject, issuer: issuer, audience: audience));
public string WriteToken(TPrincipal subject, string apiRoute) => WriteToken(CreateToken(subject: subject, apiRoute: apiRoute)); public string WriteToken(TPrincipal subject, string apiRoute) => WriteToken(CreateToken(subject: subject, apiRoute: apiRoute));
} }
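Review bot: The rewritten `CreateToken(TPrincipal subject, IAsymmetricTokenDescriptor descriptor)` no longer validates its input: the old overload threw when `key.TokenDescriptor` was null, while the new one passes `descriptor` straight to `_mapper.Map` and then dereferences `sDescriptor`. Since this overload is public and now accepts any implementation of the interface, I would start it with `if (descriptor is null) throw new ArgumentNullException(nameof(descriptor));`. The AutoMapper profile is not visible here, so it is unclear whether the mapping always populates the signing credentials. If `CreateToken(SecurityTokenDescriptor)` delegates to `JwtSecurityTokenHandler`, a descriptor without them would yield an unsigned token, so a guard after the mapping such as `if (sDescriptor?.SigningCredentials is null) throw new InvalidOperationException("Mapped token descriptor has no signing credentials.");` would make this fail closed. Separately, `CreateClaims?.Invoke` and `CreateSubject?.Invoke` still allow a token with neither claims nor subject when both delegates are unset, which is worth either rejecting or documenting.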