diff --git a/Udap.Model/Access/AccessTokenRequestForAuthorizationCodeBuilder.cs b/Udap.Model/Access/AccessTokenRequestForAuthorizationCodeBuilder.cs
index f3e9a2d3..3ed62afa 100644
--- a/Udap.Model/Access/AccessTokenRequestForAuthorizationCodeBuilder.cs
+++ b/Udap.Model/Access/AccessTokenRequestForAuthorizationCodeBuilder.cs
@@ -67,21 +67,13 @@ public AccessTokenRequestForAuthorizationCodeBuilder WithClaim(Claim claim)
 }
 ///
- /// Legacy refers to the current udap.org/UDAPTestTool behavior as documented in
- /// udap.org profiles. The HL7 Security IG has the following constraint to make it
- /// more friendly with OIDC and SMART launch frameworks.
- /// sub == iss == client_id
- /// Where as the Legacy is the following behavior
- /// sub == iis == SubAlt Name
+ /// Build an
 ///
- ///
 ///
 ///
- public UdapAuthorizationCodeTokenRequest Build(
- bool legacy = false,
- string? algorithm = UdapConstants.SupportedAlgorithm.RS256)
+ public UdapAuthorizationCodeTokenRequest Build(string? algorithm = UdapConstants.SupportedAlgorithm.RS256)
 {
- var clientAssertion = BuildClientAssertion(algorithm, legacy);
+ var clientAssertion = BuildClientAssertion(algorithm);
 return new UdapAuthorizationCodeTokenRequest()
 {
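Review bot: `Build` still declares `string? algorithm` while `BuildClientAssertion` takes a non-nullable `string algorithm`, so a caller that passes `null` hands an unspecified signing algorithm to the client-assertion builder; the `AccessTokenRequestForClientCredentialsBuilder.Build` hunk has the same signature. What the signer does with a null algorithm is not visible in this diff, so it is safer not to let it through. Either declare the parameter as `string algorithm = UdapConstants.SupportedAlgorithm.RS256`, or add `algorithm ??= UdapConstants.SupportedAlgorithm.RS256;` as the first statement of the method. The body of `Build` continues past the end of the hunk.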
@@ -99,34 +91,18 @@ public UdapAuthorizationCodeTokenRequest Build(
 };
 }
- private string? BuildClientAssertion(string algorithm, bool legacy = false)
+ private string? BuildClientAssertion(string algorithm)
 {
 JwtPayLoadExtension jwtPayload;
- if (legacy)
- {
- //udap.org profile
- jwtPayload = new JwtPayLoadExtension(
- _certificate.GetNameInfo(X509NameType.UrlName,
- false), //TODO:: Let user pick the subject alt name. Create will need extra param.
- _tokenEndpoint, //The FHIR Authorization Server's token endpoint URL
- _claims,
- _now,
- _now.AddMinutes(5)
- );
- }
-
- else
- {
- //HL7 FHIR IG profile
- jwtPayload = new JwtPayLoadExtension(
- _clientId,
- _tokenEndpoint, //The FHIR Authorization Server's token endpoint URL
- _claims,
- _now,
- _now.AddMinutes(5)
- );
- }
+ //HL7 FHIR IG profile
+ jwtPayload = new JwtPayLoadExtension(
+ _clientId,
+ _tokenEndpoint, //The FHIR Authorization Server's token endpoint URL
+ _claims,
+ _now,
+ _now.AddMinutes(5)
+ );
 return SignedSoftwareStatementBuilder
 .Create(_certificate, jwtPayload)
diff --git a/Udap.Model/Access/AccessTokenRequestForClientCredentialsBuilder.cs b/Udap.Model/Access/AccessTokenRequestForClientCredentialsBuilder.cs
index 3df21b85..e9eb483d 100644
--- a/Udap.Model/Access/AccessTokenRequestForClientCredentialsBuilder.cs
+++ b/Udap.Model/Access/AccessTokenRequestForClientCredentialsBuilder.cs
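Review bot: The only written statement of the identity rule for the client assertion, `sub == iss == client_id`, was in the doc comment this commit deletes from `Build`, and the `//HL7 FHIR IG profile` comment above the `JwtPayLoadExtension` construction in `AccessTokenRequestForAuthorizationCodeBuilder.BuildClientAssertion` does not restate it. I would replace that comment with `// HL7 Security IG: iss and sub are both the client_id`, so the reason `_clientId` is the first argument stays on record; this assumes the constructor uses that argument for both claims, which the diff does not show. With the branch gone, the separate declaration can also be folded into the assignment as `var jwtPayload = new JwtPayLoadExtension(`. The method continues outside the hunk.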
@@ -91,21 +91,13 @@ public AccessTokenRequestForClientCredentialsBuilder WithExtension(string key, B
 }
 ///
- /// Legacy refers to the current udap.org/UDAPTestTool behavior as documented in
- /// udap.org profiles. The HL7 Security IG has the following constraint to make it
- /// more friendly with OIDC and SMART launch frameworks.
- /// sub == iss == client_id
- /// Where as the Legacy is the following behavior
- /// sub == iis == SubAlt Name
+ /// Build an
 ///
- ///
 ///
 ///
- public UdapClientCredentialsTokenRequest Build(
- bool legacy = false,
- string? algorithm = UdapConstants.SupportedAlgorithm.RS256)
+ public UdapClientCredentialsTokenRequest Build(string? algorithm = UdapConstants.SupportedAlgorithm.RS256)
 {
- var clientAssertion = BuildClientAssertion(algorithm, legacy);
+ var clientAssertion = BuildClientAssertion(algorithm);
 return new UdapClientCredentialsTokenRequest
 {
@@ -122,34 +114,18 @@ public UdapClientCredentialsTokenRequest Build(
 }
- private string BuildClientAssertion(string algorithm, bool legacy = false)
+ private string BuildClientAssertion(string algorithm)
 {
 JwtPayLoadExtension jwtPayload;
-
- if (legacy)
- {
- //udap.org profile
- jwtPayload = new JwtPayLoadExtension(
- _certificate.GetNameInfo(X509NameType.UrlName,
- false), //TODO:: Let user pick the subject alt name. Create will need extra param.
- _tokenEndoint, //The FHIR Authorization Server's token endpoint URL
- _claims,
- _now,
- _now.AddMinutes(5)
- );
- }
-
- else
- {
- //HL7 FHIR IG profile
- jwtPayload = new JwtPayLoadExtension(
- _clientId, //TODO:: Let user pick the subject alt name. Create will need extra param.
- _tokenEndoint, //The FHIR Authorization Server's token endpoint URL
- _claims,
- _now,
- _now.AddMinutes(5)
- );
- }
+
+ //HL7 FHIR IG profile
+ jwtPayload = new JwtPayLoadExtension(
+ _clientId, //TODO:: Let user pick the subject alt name. Create will need extra param.
+ _tokenEndoint, //The FHIR Authorization Server's token endpoint URL
+ _claims,
+ _now,
+ _now.AddMinutes(5)
+ );
 if (_extensions != null)
 {
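Review bot: The trailing comment kept on the `_clientId,` argument, `//TODO:: Let user pick the subject alt name. Create will need extra param.`, describes the removed legacy branch, which took the value from the certificate's subject alternative name. On the surviving path it is misleading, because it suggests the assertion's subject may still become a SAN, contrary to the `sub == iss == client_id` rule the deleted doc comment stated. I would drop it so the line reads `_clientId,`, as in the authorization-code builder. The field is also spelled `_tokenEndoint` here but `_tokenEndpoint` in the other builder, which is worth a follow-up rename. The method continues outside the hunk.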