SigningCredentials = new SigningCredentials( new X509SecurityKey( signingCert), SecurityAlgorithms. Throw new Exception( "No valid certificate available for use as signing credentials! ") Var signingCert = GetLatestCertificateWithRolloverDelay( certificates, _options. Var certificates = await GetAllCertificateVersions( _options.
TryGetValue( CacheKey, out SigningKeys keys)) Public async Task> GetValidationKeysAsync() Public async Task GetSigningCredentialsAsync() Public AzureKeyVaultKeyProvider( IMemor圜ache memor圜ache, IKeyVaultClient keyVaultClient, IOptions options) Private readonly AzureKeyVaultSigningCredentialOptions _options Private readonly IKeyVaultClient _keyVaultClient Public class AzureKeyVaultSigningCredentialOptions / Options for the AzureKeyVaultSigningCredentials AcquireTokenAsync( resource, clientCred) Var clientCred = new ClientCredential( clientId, clientSecret) Var authContext = new AuthenticationContext( authority) Private static async Task GetTokenFromClientSecret( string authority, string resource, string clientId, string clientSecret) AddSingleton( new KeyVaultClient( authenticationCallback)) AuthenticationCallback authenticationCallback, string vault, string certificateName, Action configureOptions) Private static IIdentityServerBuilder AddSigningCredentialFromAzureKeyVaultInternal( this IIdentityServerBuilder identityServerbuilder, KeyVaultClient. AuthenticationCallback( azureServiceTokenProvider. Var authenticationCallback = new KeyVaultClient. Var azureServiceTokenProvider = new AzureServiceTokenProvider() Public static IIdentityServerBuilder AddSigningCredentialFromAzureKeyVault( this IIdentityServerBuilder identityServerbuilder, string vault, string certificateName, Action configureOptions = null) / Use this if you are using MSI (Managed Service Identity) Return AddSigningCredentialFromAzureKeyVaultInternal( identityServerbuilder, authenticationCallback, vault, certificateName, configureOptions) AuthenticationCallback authenticationCallback = ( authority, resource, scope) => GetTokenFromClientSecret( authority, resource, clientId, clientSecret)
Public static IIdentityServerBuilder AddSigningCredentialFromAzureKeyVault( this IIdentityServerBuilder identityServerbuilder, string vault, string certificateName, string clientId, string clientSecret, Action configureOptions = null) / The client secret to use for authentication. / The name of the certificate to use as the signing certificate. / Adds a SigningCredentialStore and a ValidationKeysStore that reads the signing certificate from the Azure KeyVault. Public static class IdentityServerAzureKeyVaultConfigurationExtensions / Extension methods for using Azure Key Vault with.
0 kommentar(er)
