GetSigningKeys
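/// <summary>
/// Downloads the auth metadata document from <c>AppContext.MetadataUrl</c> and returns the
/// X.509 signing keys in it whose thumbprint equals <c>Header.X5t</c>.
/// </summary>
/// <returns>
/// The matching keys wrapped as <see cref="X509SecurityKey"/>; empty when no entry matches.
/// An empty list should make the caller's signature validation fail, not pass.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The metadata document deserialized to nothing or carries no key list.
/// </exception>
private List<SecurityKey> GetSigningKeys()
{
    // TODO: Implement a cache of signing keys with the auth metadata URL as an index.
    // When requests come in to validate a token, check if you already have cached
    // signing keys for that URL.

    // NOTE(review): every certificate returned here is trusted solely because it was served
    // by MetadataUrl. If that URL is derived from the token being validated (not visible in
    // this method, so confirm against the caller), it must be checked for an https scheme
    // and an expected host before this download; otherwise the token's sender chooses the
    // keys that verify it.

    // Load the metadata document; WebClient is IDisposable, so release it deterministically.
    string metadataJson;
    using (var webClient = new WebClient())
    {
        metadataJson = webClient.DownloadString(AppContext.MetadataUrl);
    }

    var authMetaData = JsonConvert.DeserializeObject<ExchangeAuthMetadata>(metadataJson);
    if (authMetaData == null || authMetaData.Keys == null)
    {
        // Fail with a clear error instead of a NullReferenceException further down.
        throw new InvalidOperationException("The auth metadata document contains no signing keys.");
    }

    // Build list of signing keys
    List<SecurityKey> signingKeys = new List<SecurityKey>();
    foreach (ExchangeKey key in authMetaData.Keys)
    {
        // Incomplete entries are skipped: a key that cannot be identified is never trusted.
        if (key == null || key.KeyInfo == null || key.KeyValue == null)
        {
            continue;
        }

        // Thumbprints and type tags are machine identifiers, so compare them ordinally.
        // Culture-aware comparison can treat strings as equal that differ byte-for-byte.
        bool thumbprintMatches = string.Equals(key.KeyInfo.Thumbprint, Header.X5t, StringComparison.Ordinal);
        bool isCertificate = string.Equals(key.KeyValue.Type, "x509Certificate", StringComparison.Ordinal);

        if (thumbprintMatches && isCertificate && key.KeyValue.Value != null)
        {
            // The certificate text is handed to X509Certificate2 as UTF-8 bytes, as in the original.
            signingKeys.Add(new X509SecurityKey(new X509Certificate2(Encoding.UTF8.GetBytes(key.KeyValue.Value))));
        }
    }

    return signingKeys;
}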