Thinktecture.IdentityModel: WRAP and SWT Support

The latest drop of Thinktecture.IdentityModel contains some helpers for the Web Resource Authorization Protocol (WRAP) and Simple Web Tokens (SWT).

The WrapClient class is a helper to request SWT tokens via WRAP. It supports issuer/key, SWT and SAML input credentials, e.g.:

var client = new WrapClient(wrapEp);
var swt = client.Issue(issuerName, issuerKey, scope);

All Issue overrides return a SimpleWebToken type, which brings me to the next helper class.

The SimpleWebToken class wraps a SWT token. It combines a number of features:

  • conversion between string format and CLR type representation
  • creation of SWT tokens
  • validation of SWT token
  • projection of SWT token as IClaimsIdentity
  • helpers to embed SWT token in headers and query strings

The following sample code generates a SWT token using the helper class:

private static string CreateSwtToken()
    var signingKey = “wA…”;
    var audience = http://websample”;
    var issuer = http://self”;
    var token = new SimpleWebToken(
      issuer, audience, Convert.FromBase64String(signingKey));

token.AddClaim(ClaimTypes.Name, “dominick”);
    token.AddClaim(ClaimTypes.Role, “Users”);
    token.AddClaim(ClaimTypes.Role, “Administrators”);
    token.AddClaim(“simple”, “test”);
    return token.ToString();

This entry was posted in IdentityModel. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s