Reworked code around signing keys have key details much more isolated from the other parts of the program.

2026-02-21 20:15:46 +01:00 · 2026-02-21 20:15:46 +01:00 · 0c6f227049
commit 0c6f227049
parent eb872a4f44
40 changed files with 474 additions and 281 deletions
--- a/IdentityShroud.Api/Apis/Mappers/KeyMapper.cs
+++ b/IdentityShroud.Api/Apis/Mappers/KeyMapper.cs
@ -7,41 +7,14 @@ using Microsoft.AspNetCore.WebUtilities;

 namespace IdentityShroud.Api.Mappers;

-public class KeyMapper(IEncryptionService encryptionService)
+public class KeyMapper(IKeyService keyService)
 {
-    public JsonWebKey? KeyToJsonWebKey(RealmKey realmKey)
-    {
-
-        JsonWebKey result = new()
-        {
-            KeyId = realmKey.Id.ToString(),
-            Use = "sig",
-        };
-        switch (realmKey.KeyType)
-        {
-            case "RSA":
-                using (var rsa = RsaHelper.LoadFromPkcs8(realmKey.GetPrivateKey(encryptionService)))
-                {
-                    RSAParameters parameters = rsa.ExportParameters(includePrivateParameters: false);
-                    result.KeyType = rsa.SignatureAlgorithm;
-                    result.Exponent = WebEncoders.Base64UrlEncode(parameters.Exponent!);
-                    result.Modulus = WebEncoders.Base64UrlEncode(parameters.Modulus!);
-                }
-                break;
-        
-            default:
-                return null;
-        }
-
-        return result; 
-    }
-
    public JsonWebKeySet KeyListToJsonWebKeySet(IEnumerable<RealmKey> keys)
    {
        JsonWebKeySet wks = new();
        foreach (var k in keys)
        {
-            var wk = KeyToJsonWebKey(k);
+            var wk = keyService.CreateJsonWebKey(k);
            if (wk is {})
            {
                wks.Keys.Add(wk);