feat: support for x509 Certificate Serialization.

aguacongas · web-flow · commit 7e13275a47e2 · 2022-03-11T08:26:38.000+01:00
Support for x509 Certificate Serialization.
diff --git a/src/Aguacongas.AspNetCore.Authentication/AuthenticationSchemeOptionsSerializer.cs b/src/Aguacongas.AspNetCore.Authentication/AuthenticationSchemeOptionsSerializer.cs
@@ -6,9 +6,55 @@
 using System;
 using System.Linq;
 using System.Reflection;
+using System.Security.Cryptography.X509Certificates;
 
 namespace Aguacongas.AspNetCore.Authentication
 {
+    /// <summary>
+    /// Converter For x509 Data
+    /// </summary>
+    public class X509Certificate2JsonConverter : JsonConverter
+    {
+        /// <summary>
+        /// Is the object fed to this a match for our converter type.
+        /// </summary>
+        /// <param name="objectType"></param>
+        /// <returns></returns>
+        public override bool CanConvert(Type objectType)
+        {
+            return objectType == typeof(X509Certificate2);
+        }
+
+        /// <summary>
+        /// Read method. 
+        /// </summary>
+        /// <param name="reader"></param>
+        /// <param name="objectType"></param>
+        /// <param name="existingValue"></param>
+        /// <param name="serializer"></param>
+        /// <returns></returns>
+        public override object ReadJson(JsonReader reader,
+            Type objectType, object existingValue, JsonSerializer serializer)
+        {
+            var deserializedRaw = serializer.Deserialize<byte[]>(reader);
+            var deserialized = new X509Certificate2(deserializedRaw);
+            return deserialized;
+        }
+
+        /// <summary>
+        /// Write method.
+        /// </summary>
+        /// <param name="writer"></param>
+        /// <param name="value"></param>
+        /// <param name="serializer"></param>
+        public override void WriteJson(JsonWriter writer,
+            object value, JsonSerializer serializer)
+        {
+            byte[] certData = ((X509Certificate2)value).Export(X509ContentType.Pfx);
+            serializer.Serialize(writer, certData);
+        }
+    }
+
     /// <summary>
     /// Manage <see cref="AuthenticationSchemeOptions"/> serialization.
     /// </summary>
@@ -27,7 +73,11 @@ public class AuthenticationSchemeOptionsSerializer : IAuthenticationSchemeOption
             ReferenceLoopHandling = ReferenceLoopHandling.Ignore,
             Formatting = Formatting.None,
             DefaultValueHandling = DefaultValueHandling.Include,
-            ContractResolver = new ContractResolver()
+            ContractResolver = new ContractResolver(),
+            Converters =
+            {
+                new X509Certificate2JsonConverter()
+            }
         };
 
         /// <summary>
diff --git a/test/Aguacongas.AspNetCore.Authentication.Test/AuthenticationSchemeOptionsSerializerTest.cs b/test/Aguacongas.AspNetCore.Authentication.Test/AuthenticationSchemeOptionsSerializerTest.cs
@@ -2,6 +2,11 @@
 // Copyright (c) 2021 @Olivier Lefebvre
 using Microsoft.AspNetCore.Authentication.OAuth;
 using Microsoft.AspNetCore.Authentication.WsFederation;
+using Newtonsoft.Json;
+using System;
+using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
+using System.Text.Json.Serialization;
 using Xunit;
 
 namespace Aguacongas.AspNetCore.Authentication.Test
@@ -54,5 +59,36 @@ public void SeserializeOptions_should_seserialize_default_value()
 
             Assert.False(deserialized.RequireHttpsMetadata);
         }
+
+        [Fact]
+        public void SerializationOptions_should_serialize_x509_certificate()
+        {
+            var holder = new CertificateHolder();
+            holder.Certificate = CertificateHolder.CreateCertificate();
+            var str = JsonConvert.SerializeObject(holder);
+            var holderRestored = JsonConvert.DeserializeObject<CertificateHolder>(str);
+            var holderStr = holder.Certificate.ToString();
+            var holderRestoredStr = holderRestored.Certificate.ToString();
+            Assert.Equal(holderStr, holderRestoredStr);
+            holder.Dispose();
+            holderRestored.Dispose();
+        }
+    }
+
+    public class CertificateHolder : IDisposable
+    {
+        [Newtonsoft.Json.JsonConverter(typeof(X509Certificate2JsonConverter))]
+        public X509Certificate2 Certificate { get; set; }
+
+        public void Dispose() => Certificate?.Dispose();
+
+        public static X509Certificate2 CreateCertificate()
+        {
+            var ecdsa = ECDsa.Create();
+            var req = new CertificateRequest("cn=foobar", ecdsa, HashAlgorithmName.SHA256);
+            var c = req.CreateSelfSigned(DateTimeOffset.Now, DateTimeOffset.Now.AddYears(5));
+            return c;
+        }
     }
+
 }
