Generate a client assertion and retrieve an access token from iSHARE satellite
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Cryptography;
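/*
 * Builds a signed JWT client assertion (RS256, certificate carried in the
 * "x5c" header) and exchanges it for an access token at the satellite's
 * /connect/token endpoint using the OAuth 2.0 client_credentials grant.
 *
 * NOTE(security): this sample embeds the private key in source and prints
 * both the client assertion and the token response. Both are bearer
 * credentials. Outside a throw-away test setup, load the key from a
 * protected store (OS certificate store, HSM, secret manager) and keep the
 * assertion and the access token out of logs and console output.
 */

/*
 * Extract from a p12 file the public key in X509 format
 * openssl pkcs12 -in i4trust.p12 -out certificate.cer -nokeys
 * Remove first and last line (the BEGIN/END CERTIFICATE markers), leaving
 * only the base64 body.
 */
var clientCertificate = @"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";

/*
 * Extract from a p12 file the private key in PKCS#1 format
 * openssl pkcs12 -in i4trust.p12 -nodes -nocerts | openssl rsa -out private.key
 * Remove first and last line
 *
 * -nodes writes the key UNENCRYPTED: restrict access to private.key and delete
 * it once it is no longer needed.
 * ImportRSAPrivateKey below accepts PKCS#1 only ("BEGIN RSA PRIVATE KEY").
 * OpenSSL 3.x emits PKCS#8 ("BEGIN PRIVATE KEY") from `openssl rsa` unless
 * -traditional is passed; for PKCS#8 input use ImportPkcs8PrivateKey instead.
 */
var clientPrivateKey = @"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";

var clientEORI = "EU.EORI.NL000000001";
var satelliteID = "EU.EORI.NL000000000";
var satelliteURL = "https://scheme.isharetest.net";

//HEADER fields
// x5c carries the base64 certificate as a single line, so strip the line
// breaks left over from the PEM body.
var x5c = new String[] { clientCertificate.Replace("\n", String.Empty).Replace("\r", String.Empty) };

// Disposed when the program ends; the key is only needed until WriteToken has
// produced the signature.
using RSA rsa = RSA.Create();
rsa.ImportRSAPrivateKey(Convert.FromBase64String(clientPrivateKey), out _);

var jwtHeader = new JwtHeader(
    new SigningCredentials(
        key: new RsaSecurityKey(rsa),
        algorithm: SecurityAlgorithms.RsaSha256));
jwtHeader.Add("x5c", x5c);

//PAYLOAD fields
var iss = clientEORI;
var sub = clientEORI;
var aud = satelliteID;
var jti = System.Guid.NewGuid(); // unique per assertion
// Derive exp from iat instead of reading the clock twice: two separate
// UtcNow reads can straddle a second boundary and give exp - iat == 31.
// NOTE(review): iSHARE is understood to require exp == iat + 30 exactly;
// confirm against the scheme documentation.
var iat = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
var exp = iat + 30;

var payload = new JwtPayload();
payload.Add("jti", jti);
payload.Add("aud", aud);
payload.Add("iat", iat);
payload.Add("exp", exp);
payload.Add("iss", iss);
payload.Add("sub", sub);

//Create the signed token
var jwtToken = new JwtSecurityToken(jwtHeader, payload);
var jwtTokenHandler = new JwtSecurityTokenHandler();
var clientAssertion = jwtTokenHandler.WriteToken(jwtToken);
// Demo output only: the assertion authenticates this client until it expires.
Console.WriteLine(clientAssertion);

//Request access token
using var requestBody = new FormUrlEncodedContent(new Dictionary<string, string>
{
    { "grant_type", "client_credentials" },
    { "scope", "iSHARE" },
    { "client_id", clientEORI },
    { "client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer" },
    { "client_assertion", clientAssertion }
});

// A single HttpClient for the one request; a long-running service should
// reuse one instance instead of creating a client per call.
using var httpClient = new HttpClient();
using var response = await httpClient.PostAsync(satelliteURL + "/connect/token", requestBody);
var content = await response.Content.ReadAsStringAsync();

if (!response.IsSuccessStatusCode)
{
    // Make a rejected assertion visible instead of printing the error body
    // as if it were a token response.
    Console.Error.WriteLine($"Token request failed: {(int)response.StatusCode} {response.ReasonPhrase}");
}

// Demo output only: on success this body contains the access token.
Console.WriteLine(content);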