Class WebOAuthSecurityServiceElement
Represents a configuration element containing information about how a service validates an access token issued by an OAuth/OpenID Connect server and received from a client application.
Inheritance
Namespace: Nevatech.Vsb.Repository.Security.OAuth
Assembly: Nevatech.Vsb.Repository.dll
Syntax
public sealed class WebOAuthSecurityServiceElement : ConfigurationElement
Constructors
WebOAuthSecurityServiceElement()
Declaration
public WebOAuthSecurityServiceElement()
Properties
AdditionalParameters
Gets or sets the URL-encoded, ampersand-separated list of additional query or form parameters to be submitted with the token validation request. Parameters are sent as URI query parameters if the token parameter type is set to QueryParameter or HttpHeader, or as form parameters in the message body if the token parameter type is set to FormParameter.
Declaration
public string AdditionalParameters { get; set; }
Property Value
Type | Description |
---|---|
System.String |
Audiences
Gets the names of the access token's valid audiences (recipients). If the collection is empty, the token audience is not validated.
Declaration
public ValueElementCollection Audiences { get; }
Property Value
Type | Description |
---|---|
ValueElementCollection |
AuthorizationHeaderValue
Gets or sets the Authorization header value to be passed with the token validation request. If not provided, the header is not sent at all. If the token parameter type is set to HttpHeader and the token parameter name is set to "Authorization", this value is not used (the token value takes precedence).
Declaration
public string AuthorizationHeaderValue { get; set; }
Property Value
Type | Description |
---|---|
System.String |
CacheLifetime
Gets or sets the caching time of a token validation result. This property applies to Reference token validation only. Default is one hour.
Declaration
public TimeSpan CacheLifetime { get; set; }
Property Value
Type | Description |
---|---|
System.TimeSpan |
Issuers
Gets the access token's valid issuer names. If the collection is empty, the token issuer is not validated.
Declaration
public ValueElementCollection Issuers { get; }
Property Value
Type | Description |
---|---|
ValueElementCollection |
IsTokenRequired
Gets or sets a flag indicating that an access token must be present in the request message. If the token is missing, the message is rejected.
Declaration
public bool IsTokenRequired { get; set; }
Property Value
Type | Description |
---|---|
System.Boolean |
Properties
Gets the collection of configuration element properties.
Declaration
protected override ConfigurationPropertyCollection Properties { get; }
Property Value
Type | Description |
---|---|
System.Configuration.ConfigurationPropertyCollection |
SigningCertificateReferences
Gets the X.509 certificate(s) stored in the Windows Certificate Store to be used for checking the access token's signature. This property applies to JWT token validation only.
Declaration
public X509CertificateReferenceElementCollection SigningCertificateReferences { get; }
Property Value
Type | Description |
---|---|
X509CertificateReferenceElementCollection |
SigningCertificates
Gets the base64-encoded X.509 certificate(s) to be used for checking the access token's signature. This property applies to JWT token validation only.
Declaration
public X509CertificateElementCollection SigningCertificates { get; }
Property Value
Type | Description |
---|---|
X509CertificateElementCollection |
SigningRsaKeys
Gets the RSA public keys to be used for checking the access token's signature. This property applies to JWT token validation only.
Declaration
public RsaKeyElementCollection SigningRsaKeys { get; }
Property Value
Type | Description |
---|---|
RsaKeyElementCollection |
SigningSecrets
Gets the symmetric secret keys to be used for checking the access token's signature. This property applies to JWT token validation only.
Declaration
public BinarySecretElementCollection SigningSecrets { get; }
Property Value
Type | Description |
---|---|
BinarySecretElementCollection |
TokenFormatString
Gets or sets the format string (for example, "Bearer {0}") used to format the access token value when calling a token validation endpoint. If not set, the value is passed as is.
Declaration
public string TokenFormatString { get; set; }
Property Value
Type | Description |
---|---|
System.String |
TokenParameterName
Gets or sets the name of the URI query parameter, form parameter, or HTTP header providing the access token value when calling a token validation endpoint. Default is "access_token".
Declaration
public string TokenParameterName { get; set; }
Property Value
Type | Description |
---|---|
System.String |
TokenParameterType
Gets or sets the method of sending an access token value when calling a token validation endpoint. Default is a form parameter.
Declaration
public ParameterType TokenParameterType { get; set; }
Property Value
Type | Description |
---|---|
ParameterType |
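
The request-shaping rules documented for AdditionalParameters, AuthorizationHeaderValue, TokenFormatString, TokenParameterName and TokenParameterType, combined in one sketch. This is an added example, not Nevatech's code: `ValidationRequest`, `ValidationRequestSketch`, `Build` and the sample values are hypothetical, the enum is redeclared locally, and the HTTP method is not modelled because this page does not state it.

```csharp
using System;
using System.Collections.Generic;

public enum ParameterType { QueryParameter, HttpHeader, FormParameter } // redeclared; member names are from this page
public sealed class ValidationRequest // hypothetical result type
{
    public Uri Url;
    public string FormBody; // null when nothing goes in the body
    public Dictionary<string, string> Headers = // assumption: header names compared case-insensitively
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);
}

public static class ValidationRequestSketch
{
    public static ValidationRequest Build(Uri endpoint, string token,
        ParameterType type = ParameterType.FormParameter, // documented default
        string name = "access_token",                     // documented default
        string format = null, string additional = null, string authorization = null)
    {
        // TokenFormatString, e.g. "Bearer {0}"; when unset the token is passed as is.
        string value = string.IsNullOrEmpty(format) ? token : string.Format(format, token);
        string pair = Uri.EscapeDataString(name) + "=" + Uri.EscapeDataString(value);
        var request = new ValidationRequest();
        var query = new List<string>();
        var form = new List<string>();
        // AuthorizationHeaderValue: the header is sent only when a value is configured.
        if (!string.IsNullOrEmpty(authorization)) request.Headers["Authorization"] = authorization;
        if (type == ParameterType.QueryParameter) query.Add(pair);
        else if (type == ParameterType.FormParameter) form.Add(pair);
        else request.Headers[name] = value; // HttpHeader: replaces a configured "Authorization" value
        // AdditionalParameters is already URL-encoded, so it is appended verbatim:
        // form body for FormParameter, URI query for QueryParameter and HttpHeader.
        if (!string.IsNullOrEmpty(additional))
            (type == ParameterType.FormParameter ? form : query).Add(additional);
        var builder = new UriBuilder(endpoint);
        string existing = builder.Query.TrimStart('?'); // keep a query already on the endpoint
        if (existing.Length > 0) query.Insert(0, existing);
        if (query.Count > 0) builder.Query = string.Join("&", query);
        request.Url = builder.Uri;
        request.FormBody = form.Count > 0 ? string.Join("&", form) : null;
        return request;
    }

    public static void Main() // constructed sample values, not taken from the product
    {
        var r = Build(new Uri("https://idp.example/userinfo"), "abc123", ParameterType.HttpHeader,
            "Authorization", "Bearer {0}", "scope=read", "Basic Y2xpZW50");
        Console.WriteLine(r.Url + " | " + r.Headers["Authorization"]);
    }
}
```

With QueryParameter the formatted token becomes part of the request URI, where servers and proxies commonly log it; the documented default, FormParameter, keeps it in the message body.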
TokenType
Gets or sets the type of access token that dictates the validation procedure. JWT tokens are validated locally by checking the digital signature. Reference tokens are validated by calling a token validation endpoint and passing the received token as a parameter.
Declaration
public AccessTokenType TokenType { get; set; }
Property Value
Type | Description |
---|---|
AccessTokenType |
TokenValidationEndpoint
Gets or sets the URI of the OAuth token validation endpoint or user info endpoint. This endpoint is used to validate reference access tokens received from the client. If not set and the reference token type is used, the endpoint address is extracted from the authorization service metadata by querying the OpenID Connect Discovery endpoint.
Declaration
public Uri TokenValidationEndpoint { get; set; }
Property Value
Type | Description |
---|---|
System.Uri |
TokenValidationTimeout
Gets or sets the token validation request timeout. This property applies to Reference token validation only. Default is one minute.
Declaration
public TimeSpan TokenValidationTimeout { get; set; }
Property Value
Type | Description |
---|---|
System.TimeSpan |
Methods
Copy(WebOAuthSecurityServiceElement)
Copies the content of the specified configuration element to this configuration element.
Declaration
public void Copy(WebOAuthSecurityServiceElement from)
Parameters
Type | Name | Description |
---|---|---|
WebOAuthSecurityServiceElement | from | The configuration element to be copied. |
GetSecurityTokens()
Creates a collection of the security tokens that are specified in this configuration element.
Declaration
public IList<SecurityToken> GetSecurityTokens()
Returns
Type | Description |
---|---|
System.Collections.Generic.IList<System.IdentityModel.Tokens.SecurityToken> | Collection of security tokens that are specified in this configuration element. |