Merge pull request #100 from leancodepl/feature/bump-identity-server-…

…version Bump identity server to 4.0 and update IdentityService
leancodepl · Aug 19, 2020 · 7b61ef0 · 7b61ef0
2 parents f0d1231 + d6afec8
commit 7b61ef0
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 4 deletions.
diff --git a/Directory.Build.targets b/Directory.Build.targets
@@ -5,7 +5,7 @@
     <ExtensionsVersion>5.0.0-preview.7.*</ExtensionsVersion>
 
     <HangfireVersion>1.7.11</HangfireVersion>
-    <IdentityServerVersion>3.1.3</IdentityServerVersion>
+    <IdentityServerVersion>4.0.4</IdentityServerVersion>
     <MassTransitVersion>6.2.4</MassTransitVersion>
 
     <!-- Do not bump these dependencies if you don't want to force users to use newer .NET Core SDK -->

diff --git a/src/Infrastructure/LeanCode.IdentityServer.KeyVault/KeyMaterialService.cs b/src/Infrastructure/LeanCode.IdentityServer.KeyVault/KeyMaterialService.cs
@@ -1,4 +1,5 @@
 using System.Collections.Generic;
+using System.Linq;
 using System.Threading.Tasks;
 using IdentityServer4.Models;
 using IdentityServer4.Services;
@@ -15,9 +16,21 @@ public KeyMaterialService(SigningService signing)
             this.signing = signing;
         }
 
-        public Task<SigningCredentials> GetSigningCredentialsAsync()
+        public async Task<IEnumerable<SigningCredentials>> GetAllSigningCredentialsAsync()
         {
-            return signing.GetSigningCredentialsAsync();
+            return new[] { await signing.GetSigningCredentialsAsync() };
+        }
+
+        public Task<SigningCredentials?> GetSigningCredentialsAsync(IEnumerable<string>? allowedAlgorithms = null)
+        {
+            if (allowedAlgorithms == null || !allowedAlgorithms.Any() || allowedAlgorithms.Contains(SecurityAlgorithms.RsaSha256))
+            {
+                return signing.GetSigningCredentialsAsync()!;
+            }
+            else
+            {
+                return Task.FromResult<SigningCredentials?>(null);
+            }
         }
 
         public async Task<IEnumerable<SecurityKeyInfo>> GetValidationKeysAsync()

diff --git a/src/Infrastructure/LeanCode.IdentityServer.KeyVault/SigningService.cs b/src/Infrastructure/LeanCode.IdentityServer.KeyVault/SigningService.cs
@@ -96,7 +96,7 @@ private async Task<string> GetTokenAsync(string authority, string resource, stri
             {
                 logger.Fatal(ex, "Cannot acqure access token from Azure AD");
 
-                throw ex;
+                throw;
             }
         }
     }