Backport the dependencies and OpenIddictServerBuilder changes to OpenIddict 1.x

8 years ago · 5b32f1557a
4 changed files with 36 additions and 6 deletions
--- a/build/dependencies.props
+++ b/build/dependencies.props
@ -2,8 +2,8 @@

  <PropertyGroup Label="Package Versions">
    <AspNetCoreVersion>1.0.0</AspNetCoreVersion>
-    <AspNetContribOpenIdExtensionsVersion>1.1.0-preview-final</AspNetContribOpenIdExtensionsVersion>
-    <AspNetContribOpenIdServerVersion>1.1.0-preview-final</AspNetContribOpenIdServerVersion>
+    <AspNetContribOpenIdExtensionsVersion>1.1.0-rtm-0319</AspNetContribOpenIdExtensionsVersion>
+    <AspNetContribOpenIdServerVersion>1.1.0-rtm-1401</AspNetContribOpenIdServerVersion>
    <ClaimsVersion>4.0.1</ClaimsVersion>
    <CryptoHelperVersion>2.0.4</CryptoHelperVersion>
    <DataAnnotationsVersion>4.1.0</DataAnnotationsVersion>
--- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Helpers.cs
+++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Helpers.cs
@ -517,7 +517,7 @@ namespace OpenIddict.Server
            }
        }

-        private async Task<bool> TryExtendTokenAsync(
+        private async Task<bool> TryExtendRefreshTokenAsync(
            [NotNull] object token, [NotNull] AuthenticationTicket ticket,
            [NotNull] HttpContext context, [NotNull] OpenIddictServerOptions options)
        {
@ -530,8 +530,7 @@ namespace OpenIddict.Server
            try
            {
                // Compute the new expiration date of the refresh token.
-                var date = options.SystemClock.UtcNow;
-                date += ticket.GetRefreshTokenLifetime() ?? options.RefreshTokenLifetime;
+                var date = options.SystemClock.UtcNow + (ticket.GetRefreshTokenLifetime() ?? options.RefreshTokenLifetime);

                // Note: the request cancellation token is deliberately not used here to ensure the caller
                // cannot prevent this operation from being executed by resetting the TCP connection.
--- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.cs
+++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.cs
@ -158,7 +158,7 @@ namespace OpenIddict.Server
                        // already updated the expiration date associated with the refresh token.
                        if (!options.UseRollingTokens && options.UseSlidingExpiration)
                        {
-                            await TryExtendTokenAsync(token, context.Ticket, context.HttpContext, options);
+                            await TryExtendRefreshTokenAsync(token, context.Ticket, context.HttpContext, options);
                        }
                    }
                }
--- a/src/OpenIddict.Server/OpenIddictServerBuilder.cs
+++ b/src/OpenIddict.Server/OpenIddictServerBuilder.cs
@ -244,6 +244,37 @@ namespace Microsoft.Extensions.DependencyInjection
            return Configure(options => options.SigningCredentials.AddCertificate(assembly, resource, password));
        }

+        /// <summary>
+        /// Registers a <see cref="X509Certificate2"/> retrieved from an
+        /// embedded resource and used to sign the JWT tokens issued by OpenIddict.
+        /// </summary>
+        /// <param name="assembly">The assembly containing the certificate.</param>
+        /// <param name="resource">The name of the embedded resource.</param>
+        /// <param name="password">The password used to open the certificate.</param>
+        /// <param name="flags">An enumeration of flags indicating how and where to store the private key of the certificate.</param>
+        /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+        public OpenIddictServerBuilder AddSigningCertificate(
+            [NotNull] Assembly assembly, [NotNull] string resource,
+            [NotNull] string password, X509KeyStorageFlags flags)
+        {
+            if (assembly == null)
+            {
+                throw new ArgumentNullException(nameof(assembly));
+            }
+
+            if (string.IsNullOrEmpty(resource))
+            {
+                throw new ArgumentNullException(nameof(resource));
+            }
+
+            if (string.IsNullOrEmpty(password))
+            {
+                throw new ArgumentException("The password cannot be null or empty.", nameof(password));
+            }
+
+            return Configure(options => options.SigningCredentials.AddCertificate(assembly, resource, password, flags));
+        }
+
        /// <summary>
        /// Registers a <see cref="X509Certificate2"/> extracted from a
        /// stream and used to sign the JWT tokens issued by OpenIddict.