From 2b2ac8b884399fff1e9eee09c84ef189ff5d0a1c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?K=C3=A9vin=20Chalet?=
Date: Tue, 9 Aug 2016 13:04:10 +0200
Subject: [PATCH] Introduce OpenIddictBuilder.AddSigningKey()

---
 src/OpenIddict.Core/OpenIddictBuilder.cs | 37 +++++++++++++++++-------
 1 file changed, 26 insertions(+), 11 deletions(-)

diff --git a/src/OpenIddict.Core/OpenIddictBuilder.cs b/src/OpenIddict.Core/OpenIddictBuilder.cs
index 69d5de68..30272dc3 100644
--- a/src/OpenIddict.Core/OpenIddictBuilder.cs
+++ b/src/OpenIddict.Core/OpenIddictBuilder.cs
@@ -15,6 +15,7 @@ using AspNet.Security.OpenIdConnect.Extensions;
 using JetBrains.Annotations;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.DependencyInjection;
+using Microsoft.IdentityModel.Tokens;
 using OpenIddict;

 namespace Microsoft.AspNetCore.Builder {
@@ -288,7 +289,7 @@ namespace Microsoft.AspNetCore.Builder {
 }

 ///
- /// Registers a used to sign the tokens issued by OpenIddict.
+ /// Registers a that is used to sign the tokens issued by OpenIddict.
 ///
 /// The certificate used to sign the security tokens issued by the server.
 /// The .
@@ -305,8 +306,8 @@ namespace Microsoft.AspNetCore.Builder {
 }

 ///
- /// Registers a retrieved from
- /// an embedded resource to sign the tokens issued by OpenIddict.
+ /// Registers a retrieved from an
+ /// embedded resource and used to sign the tokens issued by OpenIddict.
 ///
 /// The assembly containing the certificate.
 /// The name of the embedded resource.
@@ -330,8 +331,8 @@ namespace Microsoft.AspNetCore.Builder {
 }

 ///
- /// Registers a extracted
- /// from a stream to sign the tokens issued by OpenIddict.
+ /// Registers a extracted from a
+ /// stream and used to sign the tokens issued by OpenIddict.
 ///
 /// The stream containing the certificate.
 /// The password used to open the certificate.
@@ -349,8 +350,8 @@ namespace Microsoft.AspNetCore.Builder {
 }

 ///
- /// Registers a extracted
- /// from a stream to sign the tokens issued by OpenIddict.
+ /// Registers a extracted from a
+ /// stream and used to sign the tokens issued by OpenIddict.
 ///
 /// The stream containing the certificate.
 /// The password used to open the certificate.
@@ -373,8 +374,8 @@ namespace Microsoft.AspNetCore.Builder {
 }

 ///
- /// Registers a retrieved from the
- /// X.509 machine store to sign the tokens issued by OpenIddict.
+ /// Registers a retrieved from the X.509
+ /// machine store and used to sign the tokens issued by OpenIddict.
 ///
 /// The thumbprint of the certificate used to identify it in the X.509 store.
 /// The .
@@ -387,8 +388,8 @@ namespace Microsoft.AspNetCore.Builder {
 }

 ///
- /// Registers a retrieved from the
- /// given X.509 store to sign the tokens issued by OpenIddict.
+ /// Registers a retrieved from the given
+ /// X.509 store and used to sign the tokens issued by OpenIddict.
 ///
 /// The thumbprint of the certificate used to identify it in the X.509 store.
 /// The name of the X.509 store.
@@ -403,6 +404,20 @@ namespace Microsoft.AspNetCore.Builder {
 return Configure(options => options.SigningCredentials.AddCertificate(thumbprint, name, location));
 }

+ ///
+ /// Registers a used to sign the tokens issued by OpenIddict.
+ /// Note: using asymmetric keys is recommended on production.
+ ///
+ /// The security key.
+ /// The .
+ public virtual OpenIddictBuilder AddSigningKey([NotNull] SecurityKey key) {
+ if (key == null) {
+ throw new ArgumentNullException(nameof(key));
+ }
+
+ return Configure(options => options.SigningCredentials.AddKey(key));
+ }
+
 ///
 /// Enables authorization code flow support. For more information
 /// about this specific OAuth2/OpenID Connect flow, visit
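Review bot: `AddSigningKey` in the last hunk accepts any `SecurityKey`, and the only guidance on key type is the summary's one-line note, which does not say why asymmetric keys are preferred. With a symmetric key, every party that validates tokens has to hold the same secret and can therefore also issue tokens. The method also only null-checks the argument, so an asymmetric key without private key material would be accepted at configuration time; whether `AddKey` rejects such keys is not visible in this hunk. I would state the trade-off in the doc comment, for example `/// Note: a symmetric key must be shared with every token validator, which lets any of them forge tokens; prefer an asymmetric key that includes its private key in production.`, which also replaces the "on production" wording.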