refactor(JwtSignatureService): CreateToken und CreateAndWriteToken Methoden mit Issuer und Audience Inputs hinzugefügt

Developer 02 2025-01-06 12:13:41 +01:00
parent c70327e7f4
commit ed041bf7cb
3 changed files with 24 additions and 4 deletions


@ -86,6 +86,6 @@ namespace DigitalData.Core.Security.Config
/// Optionally specifies the digest algorithm to be applied during the signing process for the <see cref="SigningCredentials"/>.
/// If not provided, the default algorithm is used.
/// </summary>
public string? SigningDigest = null;
public string? SigningDigest { get; init; }
}
}


@ -1,5 +1,4 @@
using DigitalData.Core.Abstractions.Security;
using DigitalData.Core.Security.Config;
namespace DigitalData.Core.Security.Cryptographer
{


@ -1,4 +1,5 @@
using AutoMapper;
using DigitalData.Core.Abstractions.Security;
using DigitalData.Core.Security.Config;
using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;
@ -12,10 +13,16 @@ namespace DigitalData.Core.Security
private readonly IMapper _mapper;
public JwtSignatureService(IOptions<ClaimDescriptor<TPrincipal>> claimDescriptorOptions, IMapper mapper)
private readonly IEnumerable<TokenDescription>? _tokenDescriptions;
private readonly AsymCryptHandler _cryptHandler;
public JwtSignatureService(IOptions<ClaimDescriptor<TPrincipal>> claimDescriptorOptions, IMapper mapper, IOptions<IEnumerable<TokenDescription>>? tokenDescriptionOptions, AsymCryptHandler asymCryptHandler)
{
_claimDescriptor = claimDescriptorOptions.Value;
_mapper = mapper;
_tokenDescriptions = tokenDescriptionOptions?.Value;
_cryptHandler = asymCryptHandler;
}
public SecurityToken CreateToken(TPrincipal subject, TokenDescription description)
@ -26,6 +33,20 @@ namespace DigitalData.Core.Security
return CreateToken(descriptor);
}
public string CreateAndWriteToken(TPrincipal subject, TokenDescription description) => WriteToken(CreateToken(subject, description));
public SecurityToken CreateToken(TPrincipal subject, string issuer, string audience)
{
var description = _tokenDescriptions?.Get(issuer: issuer, audience: audience)
?? throw new InvalidOperationException($"No token description found for issuer '{issuer}' and audience '{audience}'.");
description.SigningCredentials = _cryptHandler.Decryptors
.Get(issuer: issuer, audience: audience)
.CreateSigningCredentials(algorithm: description.SigningAlgorithm, digest: description.SigningDigest);
return CreateToken(subject: subject, description: description);
}
public string CreateAndWriteToken(TPrincipal subject, TokenDescription description) => WriteToken(CreateToken(subject: subject, description: description));
public string CreateAndWriteToken(TPrincipal subject, string issuer, string audience) => WriteToken(CreateToken(subject: subject, issuer: issuer, audience: audience));
}
}
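Review bot: In the new `CreateToken(TPrincipal subject, string issuer, string audience)` overload, `description.SigningCredentials = ...` writes onto the `TokenDescription` taken from `_tokenDescriptions`, which appears to be the options-backed instance shared across calls. Each call therefore mutates shared configuration state, and the private-key-backed credentials stay attached to that object afterwards. Building the credentials into a local and setting them on a per-call copy of the description would keep the configured instance read-only; whether `TokenDescription` can be copied is not visible here. The result of `_cryptHandler.Decryptors.Get(issuer: issuer, audience: audience)` is also dereferenced without the `?? throw new InvalidOperationException(...)` guard that the description lookup two lines above uses, so if that `Get` can return null, an unconfigured issuer/audience pair would presumably surface as a `NullReferenceException` instead of a clear error. The class declaration and the first `CreateToken` body lie outside the hunks shown.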