post in progress

Mark Macneil · Mark Macneil · commit f144215f8d50 · 2017-04-28T21:21:00.000-03:00
diff --git a/src/dotnetGigs/Models/JwtIssuerOptions.cs b/src/dotnetGigs/Models/JwtIssuerOptions.cs
@@ -7,91 +7,45 @@ namespace DotNetGigs.Models
 public class JwtIssuerOptions
 {
         /// <summary>
-        /// "iss" (Issuer) Claim
+        /// 4.1.1.  "iss" (Issuer) Claim - The "iss" (issuer) claim identifies the principal that issued the JWT.
         /// </summary>
-        /// <remarks>The "iss" (issuer) claim identifies the principal that issued the
-        ///   JWT.  The processing of this claim is generally application specific.
-        ///   The "iss" value is a case-sensitive string containing a StringOrURI
-        ///   value.  Use of this claim is OPTIONAL.</remarks>
         public string Issuer { get; set; }
 
         /// <summary>
-        /// "sub" (Subject) Claim
+        /// 4.1.2.  "sub" (Subject) Claim - The "sub" (subject) claim identifies the principal that is the subject of the JWT.
         /// </summary>
-        /// <remarks> The "sub" (subject) claim identifies the principal that is the
-        ///   subject of the JWT.  The claims in a JWT are normally statements
-        ///   about the subject.  The subject value MUST either be scoped to be
-        ///   locally unique in the context of the issuer or be globally unique.
-        ///   The processing of this claim is generally application specific.  The
-        ///   "sub" value is a case-sensitive string containing a StringOrURI
-        ///   value.  Use of this claim is OPTIONAL.</remarks>
         public string Subject { get; set; }
 
         /// <summary>
-        /// "aud" (Audience) Claim
+        /// 4.1.3.  "aud" (Audience) Claim - The "aud" (audience) claim identifies the recipients that the JWT is intended for.
         /// </summary>
-        /// <remarks>The "aud" (audience) claim identifies the recipients that the JWT is
-        ///   intended for.  Each principal intended to process the JWT MUST
-        ///   identify itself with a value in the audience claim.  If the principal
-        ///   processing the claim does not identify itself with a value in the
-        ///   "aud" claim when this claim is present, then the JWT MUST be
-        ///   rejected.  In the general case, the "aud" value is an array of case-
-        ///   sensitive strings, each containing a StringOrURI value.  In the
-        ///   special case when the JWT has one audience, the "aud" value MAY be a
-        ///   single case-sensitive string containing a StringOrURI value.  The
-        ///   interpretation of audience values is generally application specific.
-        ///   Use of this claim is OPTIONAL.</remarks>
         public string Audience { get; set; }
 
         /// <summary>
-        /// "nbf" (Not Before) Claim (default is UTC NOW)
+        /// 4.1.4.  "exp" (Expiration Time) Claim - The "exp" (expiration time) claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing.
+        /// </summary>
+        public DateTime Expiration => IssuedAt.Add(ValidFor);
+
+        /// <summary>
+        /// 4.1.5.  "nbf" (Not Before) Claim - The "nbf" (not before) claim identifies the time before which the JWT MUST NOT be accepted for processing.
         /// </summary>
-        /// <remarks>The "nbf" (not before) claim identifies the time before which the JWT
-        ///   MUST NOT be accepted for processing.  The processing of the "nbf"
-        ///   claim requires that the current date/time MUST be after or equal to
-        ///   the not-before date/time listed in the "nbf" claim.  Implementers MAY
-        ///   provide for some small leeway, usually no more than a few minutes, to
-        ///   account for clock skew.  Its value MUST be a number containing a
-        ///   NumericDate value.  Use of this claim is OPTIONAL.</remarks>
         public DateTime NotBefore { get; set; } = DateTime.UtcNow;
 
         /// <summary>
-        /// "iat" (Issued At) Claim (default is UTC NOW)
+        /// 4.1.6.  "iat" (Issued At) Claim - The "iat" (issued at) claim identifies the time at which the JWT was issued.
         /// </summary>
-        /// <remarks>The "iat" (issued at) claim identifies the time at which the JWT was
-        ///   issued.  This claim can be used to determine the age of the JWT.  Its
-        ///   value MUST be a number containing a NumericDate value.  Use of this
-        ///   claim is OPTIONAL.</remarks>
         public DateTime IssuedAt { get; set; } = DateTime.UtcNow;
 
         /// <summary>
         /// Set the timespan the token will be valid for (default is 5 min/300 seconds)
         /// </summary>
         public TimeSpan ValidFor { get; set; } = TimeSpan.FromMinutes(5);
 
-        /// <summary>
-        /// "exp" (Expiration Time) Claim (returns IssuedAt + ValidFor)
-        /// </summary>
-        /// <remarks>The "exp" (expiration time) claim identifies the expiration time on
-        ///   or after which the JWT MUST NOT be accepted for processing.  The
-        ///   processing of the "exp" claim requires that the current date/time
-        ///   MUST be before the expiration date/time listed in the "exp" claim.
-        ///   Implementers MAY provide for some small leeway, usually no more than
-        ///   a few minutes, to account for clock skew.  Its value MUST be a number
-        ///   containing a NumericDate value.  Use of this claim is OPTIONAL.</remarks>
-        public DateTime Expiration => IssuedAt.Add(ValidFor);
+    
 
         /// <summary>
         /// "jti" (JWT ID) Claim (default ID is a GUID)
         /// </summary>
-        /// <remarks>The "jti" (JWT ID) claim provides a unique identifier for the JWT.
-        ///   The identifier value MUST be assigned in a manner that ensures that
-        ///   there is a negligible probability that the same value will be
-        ///   accidentally assigned to a different data object; if the application
-        ///   uses multiple issuers, collisions MUST be prevented among values
-        ///   produced by different issuers as well.  The "jti" claim can be used
-        ///   to prevent the JWT from being replayed.  The "jti" value is a case-
-        ///   sensitive string.  Use of this claim is OPTIONAL.</remarks>
         public Func<Task<string>> JtiGenerator =>
           () => Task.FromResult(Guid.NewGuid().ToString());
 
