diff --git a/build/dependencies.props b/build/dependencies.props
index 1f5a4393..46d982df 100644
--- a/build/dependencies.props
+++ b/build/dependencies.props
@@ -2,8 +2,8 @@
 1.0.0
- 1.1.0-preview-final
- 1.1.0-preview-final
+ 1.1.0-rtm-0319
+ 1.1.0-rtm-1401
 4.0.1 2.0.4 4.1.0
diff --git a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Helpers.cs b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Helpers.cs
index 99104e67..d5fa6162 100644
--- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Helpers.cs
+++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Helpers.cs
@@ -517,7 +517,7 @@ namespace OpenIddict.Server
 }
 }
- private async Task TryExtendTokenAsync(
+ private async Task TryExtendRefreshTokenAsync(
 [NotNull] object token, [NotNull] AuthenticationTicket ticket, [NotNull] HttpContext context, [NotNull] OpenIddictServerOptions options)
 {
@@ -530,8 +530,7 @@ namespace OpenIddict.Server
 try
 {
 // Compute the new expiration date of the refresh token.
- var date = options.SystemClock.UtcNow;
- date += ticket.GetRefreshTokenLifetime() ?? options.RefreshTokenLifetime;
+ var date = options.SystemClock.UtcNow + (ticket.GetRefreshTokenLifetime() ?? options.RefreshTokenLifetime);
 // Note: the request cancellation token is deliberately not used here to ensure the caller
 // cannot prevent this operation from being executed by resetting the TCP connection.
diff --git a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.cs b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.cs
index 70c82de2..5911234b 100644
--- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.cs
+++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.cs
@@ -158,7 +158,7 @@ namespace OpenIddict.Server
 // already updated the expiration date associated with the refresh token.
 if (!options.UseRollingTokens && options.UseSlidingExpiration)
 {
- await TryExtendTokenAsync(token, context.Ticket, context.HttpContext, options);
+ await TryExtendRefreshTokenAsync(token, context.Ticket, context.HttpContext, options);
 }
 }
 }
diff --git a/src/OpenIddict.Server/OpenIddictServerBuilder.cs b/src/OpenIddict.Server/OpenIddictServerBuilder.cs
index a0d932a1..09bd923e 100644
--- a/src/OpenIddict.Server/OpenIddictServerBuilder.cs
+++ b/src/OpenIddict.Server/OpenIddictServerBuilder.cs
@@ -244,6 +244,37 @@ namespace Microsoft.Extensions.DependencyInjection
 return Configure(options => options.SigningCredentials.AddCertificate(assembly, resource, password));
 }
+ ///
+ /// Registers a retrieved from an
+ /// embedded resource and used to sign the JWT tokens issued by OpenIddict.
+ ///
+ /// The assembly containing the certificate.
+ /// The name of the embedded resource.
+ /// The password used to open the certificate.
+ /// An enumeration of flags indicating how and where to store the private key of the certificate.
+ /// The .
+ public OpenIddictServerBuilder AddSigningCertificate(
+ [NotNull] Assembly assembly, [NotNull] string resource,
+ [NotNull] string password, X509KeyStorageFlags flags)
+ {
+ if (assembly == null)
+ {
+ throw new ArgumentNullException(nameof(assembly));
+ }
+
+ if (string.IsNullOrEmpty(resource))
+ {
+ throw new ArgumentNullException(nameof(resource));
+ }
+
+ if (string.IsNullOrEmpty(password))
+ {
+ throw new ArgumentException("The password cannot be null or empty.", nameof(password));
+ }
+
+ return Configure(options => options.SigningCredentials.AddCertificate(assembly, resource, password, flags));
+ }
+
 ///
 /// Registers a extracted from a
 /// stream and used to sign the JWT tokens issued by OpenIddict.
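Review bot: The `flags` parameter of the new `AddSigningCertificate` overload decides where the private key of the token-signing certificate ends up, yet its parameter description gives callers no guidance and the value is handed to `AddCertificate` unchecked. I would add a remarks line such as `/// <remarks>Avoid <see cref="X509KeyStorageFlags.Exportable"/> and <see cref="X509KeyStorageFlags.PersistKeySet"/> unless the deployment needs them: the first lets the private key be exported again, the second leaves it in the key store after the process exits.</remarks>`. Separately, the `resource` check throws `ArgumentNullException` for an empty string while the `password` check throws `ArgumentException`; `throw new ArgumentException("The resource cannot be null or empty.", nameof(resource));` would be consistent, though the sibling overload outside this hunk may use the same pattern and would then need the same change. The class body continues beyond the hunk on both sides.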