41 lines
No EOL
1.3 KiB
C#
41 lines
No EOL
1.3 KiB
C#
using System.Text.Json.Serialization;
|
|
|
|
namespace IdentityShroud.Core.Messages;
|
|
|
|
// https://www.rfc-editor.org/rfc/rfc7517.html
|
|
|
|
|
|
public class JsonWebKey
|
|
{
|
|
[JsonPropertyName("kty")]
|
|
public string KeyType { get; set; } = "RSA";
|
|
|
|
// Common values sig(nature) enc(ryption)
|
|
[JsonPropertyName("use")]
|
|
public string? Use { get; set; } = "sig"; // "sig" for signature, "enc" for encryption
|
|
|
|
// Per standard this field is optional, commented out for now as it seems not
|
|
// have any good use in an identity server. Anyone validating tokens should use
|
|
// the algorithm specified in the header of the token.
|
|
// [JsonPropertyName("alg")]
|
|
// public string? Algorithm { get; set; } = "RS256";
|
|
|
|
[JsonPropertyName("kid")]
|
|
public required string KeyId { get; set; }
|
|
|
|
// RSA Public Key Components
|
|
[JsonPropertyName("n")]
|
|
public required string Modulus { get; set; }
|
|
|
|
[JsonPropertyName("e")]
|
|
public required string Exponent { get; set; }
|
|
|
|
// Optional fields
|
|
[JsonPropertyName("x5c")]
|
|
[JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)]
|
|
public List<string>? X509CertificateChain { get; set; }
|
|
|
|
[JsonPropertyName("x5t")]
|
|
[JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)]
|
|
public string? X509CertificateThumbprint { get; set; }
|
|
} |