tsai
/
openiddict-core
mirror of https://github.com/openiddict/openiddict-core.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Fix the credentials sorting algorithm to correctly sort X509SecurityKey instances

pull/1926/head
Kévin Chalet 2 years ago
parent
a694877d8b
commit
b94674eb7f
3 changed files with 3 additions and 3 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      src/OpenIddict.Client/OpenIddictClientConfiguration.cs
  2. 2
      src/OpenIddict.Server/OpenIddictServerConfiguration.cs
  3. 2
      src/OpenIddict.Validation/OpenIddictValidationConfiguration.cs

2
src/OpenIddict.Client/OpenIddictClientConfiguration.cs
View File

@ -246,7 +246,7 @@ public sealed class OpenIddictClientConfiguration : IPostConfigureOptions<OpenId
// If one of the keys is backed by a X.509 certificate, don't prefer it if it's not valid yet.
(X509SecurityKey first, SecurityKey) when first.Certificate.NotBefore > DateTime.Now => 1,
(SecurityKey, X509SecurityKey second) when second.Certificate.NotBefore > DateTime.Now => 1,
(SecurityKey, X509SecurityKey second) when second.Certificate.NotBefore > DateTime.Now => -1,
// If the two keys are backed by a X.509 certificate, prefer the one with the furthest expiration date.
(X509SecurityKey first, X509SecurityKey second) => -first.Certificate.NotAfter.CompareTo(second.Certificate.NotAfter),

2
src/OpenIddict.Server/OpenIddictServerConfiguration.cs
View File

@ -319,7 +319,7 @@ public sealed class OpenIddictServerConfiguration : IPostConfigureOptions<OpenId
// If one of the keys is backed by a X.509 certificate, don't prefer it if it's not valid yet.
(X509SecurityKey first, SecurityKey) when first.Certificate.NotBefore > DateTime.Now => 1,
(SecurityKey, X509SecurityKey second) when second.Certificate.NotBefore > DateTime.Now => 1,
(SecurityKey, X509SecurityKey second) when second.Certificate.NotBefore > DateTime.Now => -1,
// If the two keys are backed by a X.509 certificate, prefer the one with the furthest expiration date.
(X509SecurityKey first, X509SecurityKey second) => -first.Certificate.NotAfter.CompareTo(second.Certificate.NotAfter),

2
src/OpenIddict.Validation/OpenIddictValidationConfiguration.cs
View File

@ -159,7 +159,7 @@ public sealed class OpenIddictValidationConfiguration : IPostConfigureOptions<Op
// If one of the keys is backed by a X.509 certificate, don't prefer it if it's not valid yet.
(X509SecurityKey first, SecurityKey) when first.Certificate.NotBefore > DateTime.Now => 1,
(SecurityKey, X509SecurityKey second) when second.Certificate.NotBefore > DateTime.Now => 1,
(SecurityKey, X509SecurityKey second) when second.Certificate.NotBefore > DateTime.Now => -1,
// If the two keys are backed by a X.509 certificate, prefer the one with the furthest expiration date.
(X509SecurityKey first, X509SecurityKey second) => -first.Certificate.NotAfter.CompareTo(second.Certificate.NotAfter),

Write Preview
Loading…
Cancel
Save