OIDC Helper Class
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Threading.Tasks;
using Microsoft.IdentityModel.Protocols;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
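namespace TokenValidator
{
    /// <summary>
    /// Pulls the OpenID Connect discovery document (issuer and signing keys) for the configured
    /// AAD metadata endpoint (v1.0 or v2.0) through a cached <c>ConfigurationManager</c>, so that
    /// token signatures can be validated without a network round-trip on every request.
    /// </summary>
    /// <remarks>
    /// <para>
    /// The provider keeps no mutable state of its own. Each read of <see cref="Issuer"/> or
    /// <see cref="SecurityTokens"/> goes through the configuration manager, which caches the
    /// document and refreshes it on its own schedule (see the <c>AutomaticRefreshInterval</c> and
    /// <c>RefreshInterval</c> members of <c>Microsoft.IdentityModel.Protocols.ConfigurationManager</c>),
    /// so most calls return the cached copy rather than contacting AAD. Reading the issuer and the
    /// keys from one document snapshot per call means a caller can never pair the issuer of one
    /// document with the keys of another, which the previous two-field cache allowed under
    /// concurrent refreshes.
    /// </para>
    /// <para>
    /// Reads are synchronous because the public surface is synchronous; they block on the
    /// asynchronous retrieval in the same way as before (see <see cref="GetCurrentConfiguration"/>).
    /// </para>
    /// </remarks>
    public class OpenIdConnectCachingSecurityTokenProvider
    {
        private readonly ConfigurationManager<OpenIdConnectConfiguration> _configManager;
        private readonly string _metadataEndpoint;

        /// <summary>
        /// Creates a provider for the given discovery endpoint and eagerly loads the document once.
        /// </summary>
        /// <param name="metadataEndpoint">
        /// URL of the OpenID Connect discovery document (typically ending in
        /// <c>/.well-known/openid-configuration</c>). It should be an HTTPS URL; the default document
        /// retriever is expected to reject plain HTTP unless explicitly configured otherwise.
        /// </param>
        /// <param name="metadataClient">The <see cref="HttpClient"/> used to fetch the document.</param>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="metadataEndpoint"/> or <paramref name="metadataClient"/> is <c>null</c>.
        /// </exception>
        public OpenIdConnectCachingSecurityTokenProvider(string metadataEndpoint, HttpClient metadataClient)
        {
            _metadataEndpoint = metadataEndpoint ?? throw new ArgumentNullException(nameof(metadataEndpoint));
            if (metadataClient == null)
            {
                throw new ArgumentNullException(nameof(metadataClient));
            }

            _configManager = new ConfigurationManager<OpenIdConnectConfiguration>(
                metadataEndpoint,
                new OpenIdConnectConfigurationRetriever(),
                metadataClient);

            // Prime the cache now so that an unreachable or misconfigured endpoint fails at
            // construction time instead of on the first token validation.
            GetCurrentConfiguration();
        }

        /// <summary>
        /// Gets the discovery endpoint this provider was created for.
        /// </summary>
        public string MetadataEndpoint => _metadataEndpoint;

        /// <summary>
        /// Gets the issuer (<c>iss</c>) that tokens validated against these keys must carry.
        /// </summary>
        /// <value>The issuer from the current discovery document.</value>
        public string Issuer => GetCurrentConfiguration().Issuer;

        /// <summary>
        /// Gets the signing keys published in the discovery document.
        /// </summary>
        /// <value>
        /// The keys from the current discovery document. Despite the property name these are
        /// signing keys used to verify token signatures, not tokens.
        /// </value>
        public IEnumerable<Microsoft.IdentityModel.Tokens.SecurityKey> SecurityTokens => GetCurrentConfiguration().SigningKeys;

        /// <summary>
        /// Asks the configuration manager to refetch the discovery document on the next read,
        /// useful after a signing-key rollover. The manager may still coalesce back-to-back
        /// requests according to its refresh interval, so the next read is not guaranteed to hit
        /// the network.
        /// </summary>
        public void RequestRefresh()
        {
            _configManager.RequestRefresh();
        }

        /// <summary>
        /// Returns the current discovery document, served from the manager's cache when it is
        /// still fresh and refetched from AAD otherwise.
        /// </summary>
        /// <returns>The current <see cref="OpenIdConnectConfiguration"/>.</returns>
        private OpenIdConnectConfiguration GetCurrentConfiguration()
        {
            // Task.Run hops off any ambient SynchronizationContext before blocking, which avoids
            // the sync-over-async deadlock on frameworks that have one. GetAwaiter().GetResult()
            // is used instead of .Result so that a retrieval failure surfaces as the original
            // exception rather than wrapped in an AggregateException.
            return Task.Run(() => _configManager.GetConfigurationAsync()).GetAwaiter().GetResult();
        }
    }
}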