Skip to content

Instantly share code, notes, and snippets.

@chriskuech

chriskuech/aspnettokens-block3.cs Secret

Created April 1, 2020 20:01
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save chriskuech/6d3c59b13a256e0c95150bb876613da9 to your computer and use it in GitHub Desktop.
Save chriskuech/6d3c59b13a256e0c95150bb876613da9 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
aspnettokens-block3.cs
[Route(Constants.KeysRoute)]
[Consumes("application/json")]
[Produces("application/json")]
[ApiController]
public class KeySetController : ControllerBase
{
private readonly IEnumerable<X509Certificate2> signingCertificates;
public KeySetController(
// add this to dependency injection
IEnumerable<X509Certificate2> signingCertificates)
{
this.signingCertificates = signingCertificates;
}
[HttpGet]
public async Task<IActionResult> GetKeySetAsync(CancellationToken cancellationToken)
{
var jwks = new JsonWebKeySet();
foreach (var certificate in this.signingCertificates)
{
var rsaParameters = ((RSA)certificate.PublicKey.Key).ExportParameters(false);
var jwk = new JsonWebKey()
{
// https://tools.ietf.org/html/rfc7517#section-4
Kty = certificate.PublicKey.Key.KeyExchangeAlgorithm,
Use = "sig",
Kid = certificate.Thumbprint,
X5t = certificate.Thumbprint,
// https://tools.ietf.org/html/rfc7517#appendix-B
N = Convert.ToBase64String(rsaParameters.Modulus),
E = Convert.ToBase64String(rsaParameters.Exponent),
};
jwks.Keys.Add(jwk);
}
return Ok(jwks);
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment