Implement jwks endpoint and add test for it.

This also let to some improvements/cleanups of the other tests and fixtures.
2026-02-15 19:06:09 +01:00 · 2026-02-15 19:06:09 +01:00 · ccb06b260c
commit ccb06b260c
parent a80c133e2a
24 changed files with 353 additions and 107 deletions
--- a/IdentityShroud.Api/Apis/Mappers/KeyMapper.cs
+++ b/IdentityShroud.Api/Apis/Mappers/KeyMapper.cs
@ -0,0 +1,34 @@
+using System.Security.Cryptography;
+using IdentityShroud.Core.Contracts;
+using IdentityShroud.Core.Messages;
+using IdentityShroud.Core.Model;
+using IdentityShroud.Core.Security;
+using Microsoft.AspNetCore.WebUtilities;
+
+namespace IdentityShroud.Api.Mappers;
+
+public class KeyMapper(IEncryptionService encryptionService)
+{
+    public JsonWebKey KeyToJsonWebKey(Key key)
+    {
+        using var rsa = RsaHelper.LoadFromPkcs8(key.GetPrivateKey(encryptionService));
+        RSAParameters parameters = rsa.ExportParameters(includePrivateParameters: false);
+        
+        return new JsonWebKey()
+        {
+            KeyType = rsa.SignatureAlgorithm,
+            KeyId = key.Id.ToString(),
+            Use = "sig",
+            Exponent = WebEncoders.Base64UrlEncode(parameters.Exponent!),
+            Modulus = WebEncoders.Base64UrlEncode(parameters.Modulus!),
+        };
+    }
+
+    public JsonWebKeySet KeyListToJsonWebKeySet(IEnumerable<Key> keys)
+    {
+        return new JsonWebKeySet()
+        {
+            Keys = keys.Select(e => KeyToJsonWebKey(e)).ToList(),
+        };
+    }
+}