summaryrefslogtreecommitdiffstats
path: root/samples/OAuthResourceServer/Code/Global.cs
diff options
context:
space:
mode:
Diffstat (limited to 'samples/OAuthResourceServer/Code/Global.cs')
-rw-r--r--samples/OAuthResourceServer/Code/Global.cs35
1 files changed, 26 insertions, 9 deletions
diff --git a/samples/OAuthResourceServer/Code/Global.cs b/samples/OAuthResourceServer/Code/Global.cs
index 5080609..a70930b 100644
--- a/samples/OAuthResourceServer/Code/Global.cs
+++ b/samples/OAuthResourceServer/Code/Global.cs
@@ -34,7 +34,11 @@
/// <summary>
/// The authorization server crypto service provider that contains a public key.
/// </summary>
- public static readonly RSACryptoServiceProvider AuthorizationServerSigningServiceProvider;
+ /// <remarks>
+ /// Since <see cref="RSACryptoServiceProvider"/> are not thread-safe, one must be created for each thread.
+ /// </remarks>
+ [ThreadStatic]
+ public static readonly RSACryptoServiceProvider AuthorizationServerSigningServiceProvider = CreateAuthorizationServerSigningServiceProvider();
/// <summary>
/// An application memory cache of recent log messages.
@@ -66,23 +70,36 @@
};
#else
[Obsolete("You must use a real key for a real app.", true)]
- internal static readonly RSAParameters ResourceServerEncryptionPrivateKey= new RSAParameters();
+ internal static readonly RSAParameters ResourceServerEncryptionPrivateKey = new RSAParameters();
#endif
/// <summary>
/// The crypto service provider for this resource server that contains the private key used to decrypt an access token.
/// </summary>
- internal static readonly RSACryptoServiceProvider ResourceServerEncryptionServiceProvider;
+ /// <remarks>
+ /// Since <see cref="RSACryptoServiceProvider"/> are not thread-safe, one must be created for each thread.
+ /// </remarks>
+ [ThreadStatic]
+ internal static readonly RSACryptoServiceProvider ResourceServerEncryptionServiceProvider = CreateResourceServerEncryptionServiceProvider();
/// <summary>
- /// Initializes the <see cref="Global"/> class.
+ /// Creates the crypto service provider for this resource server that contains the private key used to decrypt an access token.
/// </summary>
- static Global() {
- AuthorizationServerSigningServiceProvider = new RSACryptoServiceProvider();
- AuthorizationServerSigningServiceProvider.ImportParameters(AuthorizationServerSigningPublicKey);
+ /// <returns>An RSA crypto service provider.</returns>
+ private static RSACryptoServiceProvider CreateResourceServerEncryptionServiceProvider() {
+ var resourceServerEncryptionServiceProvider = new RSACryptoServiceProvider();
+ resourceServerEncryptionServiceProvider.ImportParameters(ResourceServerEncryptionPrivateKey);
+ return resourceServerEncryptionServiceProvider;
+ }
- ResourceServerEncryptionServiceProvider = new RSACryptoServiceProvider();
- ResourceServerEncryptionServiceProvider.ImportParameters(ResourceServerEncryptionPrivateKey);
+ /// <summary>
+ /// Creates the crypto service provider for the authorization server that contains the public key used to verify an access token signature.
+ /// </summary>
+ /// <returns>An RSA crypto service provider.</returns>
+ private static RSACryptoServiceProvider CreateAuthorizationServerSigningServiceProvider() {
+ var authorizationServerSigningServiceProvider = new RSACryptoServiceProvider();
+ authorizationServerSigningServiceProvider.ImportParameters(AuthorizationServerSigningPublicKey);
+ return authorizationServerSigningServiceProvider;
}
private void Application_Start(object sender, EventArgs e) {