nikosft · May 9, 2023 12:25
diff --git a/iSHARE.cs b/iSHARE.cs
 using Microsoft.IdentityModel.Tokens;
 using System.IdentityModel.Tokens.Jwt;
 using System.Security.Cryptography;

 /*
 * Extract from a p12 file the public key in X509 format
 * openssl pkcs12 -in i4trust.p12 -out certificate.cer -nokeys
 * Remove first and last line
 */

 var clientCertificate = @"
 MIIEoTCCAomgAwIBAgIILLrbm3Y3rOkwDQYJKoZIhvcNAQELBQAwSDEZMBcGA1UE
 AwwQaVNIQVJFVGVzdENBX1RMUzENMAsGA1UECwwEVGVzdDEPMA0GA1UECgwGaVNI
 QVJFMQswCQYDVQQGEwJOTDAeFw0yMjA0MDUwNzQxMjRaFw0yMzA3MjIxNTE0MTNa
 MGIxFTATBgNVBAMMDEFCQyBUcnVja2luZzEcMBoGA1UEBRMTRVUuRU9SSS5OTDAw
 MDAwMDAwMTENMAsGA1UECwwEVGVzdDEPMA0GA1UECgwGaVNIQVJFMQswCQYDVQQG
 EwJOTDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOKEmHHT7CkVesLw
 4uFmo5isXZLqTVtEbntnHOZ3zplEEVcB0Y1U3eZdc4VkNAqnbZi/gYJ+Sfeca6wu
 6La+1SktruENoaktlm1sMbtMOCPPYe0PaBvh+ksIdjFm96xOaz/y3PVmYNjBqh/H
 zsiW2/+7Px8raGYYfJVVtGBumKvvhdUIqQsi1lik7YeFYh69EkqyCTSyFvSCsuvQ
 VAV/DFRyhTJlLXWvBc3GpVWhU3IsHWRo+hVeIHt4y8i9ewfzg4wDzu8BM3ZPq79N
 5D6h03Jdb9kzoNhzHtcDyjrHNWiTbGfwYed4FIh2hGptgUPE4dtftaVvhr8LcQjp
 nodhTfUCAwEAAaN1MHMwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBQWPOcg6daU
 7x/lovG4/L7q3yw3gTATBgNVHSUEDDAKBggrBgEFBQcDATAdBgNVHQ4EFgQULSfL
 etp7x0q6bBpA8gvzZhswQN0wDgYDVR0PAQH/BAQDAgWgMA0GCSqGSIb3DQEBCwUA
 A4ICAQBsuXGZTVWDRONqRbacc0YDnEBoSTQ4U1C/z3ojptvO2aqXK1HEel8b71zH
 vkV8atQKcBBA3cGPXBmgRjBfmffZ/7ENdlXp6uVXv7b0eVhX0/HKFGpKi0Hn7vZ4
 jUkLLopuJ0IgLQDFC2ECCADUuaNlga7Zk7AZ6hDq6M+PH4olxmG1E+KGp5cPywgC
 zwzFBtxmqpcTl8MiuARdlZ9iTOcm+b6pve0uBYrE7G+ESh8NtPjeLXp2KJC+fYcE
 /j2GW9HRASvRMsycWBx3Vt1m2m8EwZPCWH5gprfPs84YGb6LCMRSWAVqwqTOwxRM
 kjIYYHWaYtZMYbVikW23sVFY/PMdi5WY+RQuA2VToyCfbGWPt+6zSKujp23kkbq4
 CA9EdJc+thjF7ig3l9iVn/7+ve4xSwOcympm2pBHPqqemLaxd+QYztKRzWtha+Yg
 iU0YMJzLFVQLOSCywnNJ810bQ122A8yus/zXaEn43nkxq3pRyiCM0PTUoANFK1CJ
 c7hzFS1WF7Xl5CQxGGOZt8rEacOI8fmxwar7s6g6yMVbCbsABfi7KiQQleInpCD7
 RBgwT6mjQlQaG/RGZvRPGtpxLiAoXTm1bDtyo0jK/7RUc4eaQoeASEr2F7SGx6R0L
 TQKyQQrwxAZYWBI1yVTwG0egYSCadP5xTkGUwU63pLuamN6rg==
 ";

 /*
 * Extract from a p12 file the private key in PKCS#1 format
 *  openssl pkcs12 -in i4trust.p12  -nodes -nocerts | openssl rsa -out private.key
 *  Remove first and last line
 */

 var clientPrivateKey = @"
 MIIEpAIBAAKCAQEA4oSYcdPsKRV6wvDi4WajmKxdkupNW0Rue2cc5nfOmUQRVwHR
 jVTd5l1zhWQ0CqdtmL+Bgn5J95xrrC7otr7VKS2u4Q2hqS2WbWwxu0w4I89h7Q9o
 G+H6Swh2MWb3rE5rP/Lc9WZg2MGqH8fOyJbb/7s/HytoZhh8lVW0YG6Yq++F1Qip
 CyLWWKTth4ViHr0SSrIJNLIW9IKy69BUBX8MVHKFMmUtda8FzcalVaFTciwdZGj6
 FV4ge3jLyL17B/ODjAPO7wEzdk+rv03kPqHTcl1v2TOg2HMe1wPKOsc1aJNsZ/Bh
 53gUiHaEam2BQ8Th21+1pW+GvwtxCOmeh2FN9QIDAQABAoIBAAqmW8l8Qn3y/9TT
 AQPCcN4genzKDc2E8+HS6QGv79N2Zw9Na1YG/7DRQ3lpyuWWVhmIpXTmbaFZ5hkQ
 EopnAfwf5Pk5TBi5ZzlpTRRGgtwyJ6M+5nDrKLqm4PG1Kt9bx4CX8UoLYHHIdzBr
 0z3Mk/bbzZ2wS4YDUDYwM50WDhEFSQD4lIfNLc9g/fd6SLbAkT7J/XjBAS+d5xrc
 5GosvUD8/eweYYH+2Ck784mF8pqcIuqWNlhozEjWCUK0zPU50q1xwma/GiHvCJXZ
 nxbFBqj802cG4qxbaZPcle9dj3qoEiqsaR726+ulhLD6b0IXHiJU95RODX0VYgob
 5DhwX2kCgYEA+AI+U44F9X1yp6JK84pjDFXARk/eJupXjMn6h1v+KyEXqSxQpMoU
 XHp4OfsrxAAzK7ebbgYPcFVt/QzsR608UkPpIbc7HJuME9mkrsO1mm2+PlD+Z4/1
 D9kCQqg8HQQRrRVlRyQ/mLcSkUnA4o73XrcpkIoNbNQ7wcNe0cIcLd0CgYEA6dEU
 hu7bZkhyR9mzTVKMFMHuulY3tGretvyCoYP/1jGm7fXlNR6lIz5RiH80OcLK2fpP
 DwJwN4Aue9aLSxKI1xKamJI69K8Bx44S+pVQGDL2cKAMtD8zZJt/UEjepfgUQih5
 4cHTUZXTK4VHDUmyuFbyNgiIe2dtCLDJmqotWvkCgYEAj05Uj1lYjiK/1qeLobBM
 TXtbUAWke14b2sl3DzIT6v4DOwjVTHNMUqedwvskrevjpZZBpNCxqRpkJL2L5lru
 qSZ+lrHW4U/sICg55ZZG4IYbUMziRBtF4rNlf/jQS3/natkbHYGPkgHvI663WvJ7
 c+pohRGQclsscGkg6Bm+yK0CgYBvZ7l6GTDcaURaS7YM73njIgwXKKFeC1WWpnWv
 c29gpUO+Od0+FB3mzviWKtW9d7yjY4prwmOpbh+3zZ+M44Xjw+95JqOEliYo6N7O
 GnqRLScSvo+PClX4Z8afgDjlp3AvnY2FLY78XoDBSb1y7VyETJkXebVd5weijmlg
 khkOMQKBgQC7LsIPdIENWgki83cLiNOQtnHER5dKE7cMflmT+cQXDGC0/6ejQDvt
 S7zG77zGko+6HChX8qFJC/drzCurC6P8GGe5Cv5TzbC8qAfk+93MOKs1FpxlIV6S
 qvvTz/JV6V5pJCAOhTau4ssyTmyZwNMfBlt1xD+KaMPhYZsWdntmbA==
 ";

 var clientEORI = "EU.EORI.NL000000001";
 var satelliteID = "EU.EORI.NL000000000";
 var satelliteURL = "https://scheme.isharetest.net";


 //HEADER fields
 var x5c = new String[] {clientCertificate.Replace("\n", String.Empty).Replace("\r", String.Empty) };
 RSA rsa = RSA.Create();
 rsa.ImportRSAPrivateKey(Convert.FromBase64String(clientPrivateKey), out _);
 var jwtHeader = new JwtHeader(
                new SigningCredentials(
                    key: new RsaSecurityKey(rsa),
                    algorithm: SecurityAlgorithms.RsaSha256));
 jwtHeader.Add("x5c", x5c);

 //PAYLOAD fields
 var iss = clientEORI;
 var sub = clientEORI;
 var aud = satelliteID;
 var jti = System.Guid.NewGuid();
 var iat = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
 var exp = DateTimeOffset.UtcNow.AddSeconds(30).ToUnixTimeSeconds();
 var payload = new JwtPayload();
 payload.Add("jti", jti);
 payload.Add("aud", aud);
 payload.Add("iat", iat);
 payload.Add("exp", exp);
 payload.Add("iss", iss);
 payload.Add("sub", sub);

 //Create the signed token
 var jwtToken = new JwtSecurityToken(jwtHeader, payload);
 var jwtTokenHandler = new JwtSecurityTokenHandler();
 var clientAssertion = jwtTokenHandler.WriteToken(jwtToken);
 Console.WriteLine(clientAssertion);

 //Request access token
 var requestBody = new FormUrlEncodedContent(new Dictionary<string, string>
            {
                { "grant_type", "client_credentials" },
                { "scope", "iSHARE" },
                { "client_id", clientEORI },
                { "client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer" },
                { "client_assertion", clientAssertion }
            });
 var httpClient = new HttpClient();
 var response = await httpClient.PostAsync(satelliteURL + "/connect/token", requestBody);
 var content = await response.Content.ReadAsStringAsync();
 Console.WriteLine(content);
	using Microsoft.IdentityModel.Tokens;
	using System.IdentityModel.Tokens.Jwt;
	using System.Security.Cryptography;

	/*
	* Extract from a p12 file the public key in X509 format
	* openssl pkcs12 -in i4trust.p12 -out certificate.cer -nokeys
	* Remove first and last line
	*/

	var clientCertificate = @"
	MIIEoTCCAomgAwIBAgIILLrbm3Y3rOkwDQYJKoZIhvcNAQELBQAwSDEZMBcGA1UE
	AwwQaVNIQVJFVGVzdENBX1RMUzENMAsGA1UECwwEVGVzdDEPMA0GA1UECgwGaVNI
	QVJFMQswCQYDVQQGEwJOTDAeFw0yMjA0MDUwNzQxMjRaFw0yMzA3MjIxNTE0MTNa
	MGIxFTATBgNVBAMMDEFCQyBUcnVja2luZzEcMBoGA1UEBRMTRVUuRU9SSS5OTDAw
	MDAwMDAwMTENMAsGA1UECwwEVGVzdDEPMA0GA1UECgwGaVNIQVJFMQswCQYDVQQG
	EwJOTDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOKEmHHT7CkVesLw
	4uFmo5isXZLqTVtEbntnHOZ3zplEEVcB0Y1U3eZdc4VkNAqnbZi/gYJ+Sfeca6wu
	6La+1SktruENoaktlm1sMbtMOCPPYe0PaBvh+ksIdjFm96xOaz/y3PVmYNjBqh/H
	zsiW2/+7Px8raGYYfJVVtGBumKvvhdUIqQsi1lik7YeFYh69EkqyCTSyFvSCsuvQ
	VAV/DFRyhTJlLXWvBc3GpVWhU3IsHWRo+hVeIHt4y8i9ewfzg4wDzu8BM3ZPq79N
	5D6h03Jdb9kzoNhzHtcDyjrHNWiTbGfwYed4FIh2hGptgUPE4dtftaVvhr8LcQjp
	nodhTfUCAwEAAaN1MHMwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBQWPOcg6daU
	7x/lovG4/L7q3yw3gTATBgNVHSUEDDAKBggrBgEFBQcDATAdBgNVHQ4EFgQULSfL
	etp7x0q6bBpA8gvzZhswQN0wDgYDVR0PAQH/BAQDAgWgMA0GCSqGSIb3DQEBCwUA
	A4ICAQBsuXGZTVWDRONqRbacc0YDnEBoSTQ4U1C/z3ojptvO2aqXK1HEel8b71zH
	vkV8atQKcBBA3cGPXBmgRjBfmffZ/7ENdlXp6uVXv7b0eVhX0/HKFGpKi0Hn7vZ4
	jUkLLopuJ0IgLQDFC2ECCADUuaNlga7Zk7AZ6hDq6M+PH4olxmG1E+KGp5cPywgC
	zwzFBtxmqpcTl8MiuARdlZ9iTOcm+b6pve0uBYrE7G+ESh8NtPjeLXp2KJC+fYcE
	/j2GW9HRASvRMsycWBx3Vt1m2m8EwZPCWH5gprfPs84YGb6LCMRSWAVqwqTOwxRM
	kjIYYHWaYtZMYbVikW23sVFY/PMdi5WY+RQuA2VToyCfbGWPt+6zSKujp23kkbq4
	CA9EdJc+thjF7ig3l9iVn/7+ve4xSwOcympm2pBHPqqemLaxd+QYztKRzWtha+Yg
	iU0YMJzLFVQLOSCywnNJ810bQ122A8yus/zXaEn43nkxq3pRyiCM0PTUoANFK1CJ
	c7hzFS1WF7Xl5CQxGGOZt8rEacOI8fmxwar7s6g6yMVbCbsABfi7KiQQleInpCD7
	RBgwT6mjQlQaG/RGZvRPGtpxLiAoXTm1bDtyo0jK/7RUc4eaQoeASEr2F7SGx6R0L
	TQKyQQrwxAZYWBI1yVTwG0egYSCadP5xTkGUwU63pLuamN6rg==
	";

	/*
	* Extract from a p12 file the private key in PKCS#1 format
	* openssl pkcs12 -in i4trust.p12 -nodes -nocerts \| openssl rsa -out private.key
	* Remove first and last line
	*/

	var clientPrivateKey = @"
	MIIEpAIBAAKCAQEA4oSYcdPsKRV6wvDi4WajmKxdkupNW0Rue2cc5nfOmUQRVwHR
	jVTd5l1zhWQ0CqdtmL+Bgn5J95xrrC7otr7VKS2u4Q2hqS2WbWwxu0w4I89h7Q9o
	G+H6Swh2MWb3rE5rP/Lc9WZg2MGqH8fOyJbb/7s/HytoZhh8lVW0YG6Yq++F1Qip
	CyLWWKTth4ViHr0SSrIJNLIW9IKy69BUBX8MVHKFMmUtda8FzcalVaFTciwdZGj6
	FV4ge3jLyL17B/ODjAPO7wEzdk+rv03kPqHTcl1v2TOg2HMe1wPKOsc1aJNsZ/Bh
	53gUiHaEam2BQ8Th21+1pW+GvwtxCOmeh2FN9QIDAQABAoIBAAqmW8l8Qn3y/9TT
	AQPCcN4genzKDc2E8+HS6QGv79N2Zw9Na1YG/7DRQ3lpyuWWVhmIpXTmbaFZ5hkQ
	EopnAfwf5Pk5TBi5ZzlpTRRGgtwyJ6M+5nDrKLqm4PG1Kt9bx4CX8UoLYHHIdzBr
	0z3Mk/bbzZ2wS4YDUDYwM50WDhEFSQD4lIfNLc9g/fd6SLbAkT7J/XjBAS+d5xrc
	5GosvUD8/eweYYH+2Ck784mF8pqcIuqWNlhozEjWCUK0zPU50q1xwma/GiHvCJXZ
	nxbFBqj802cG4qxbaZPcle9dj3qoEiqsaR726+ulhLD6b0IXHiJU95RODX0VYgob
	5DhwX2kCgYEA+AI+U44F9X1yp6JK84pjDFXARk/eJupXjMn6h1v+KyEXqSxQpMoU
	XHp4OfsrxAAzK7ebbgYPcFVt/QzsR608UkPpIbc7HJuME9mkrsO1mm2+PlD+Z4/1
	D9kCQqg8HQQRrRVlRyQ/mLcSkUnA4o73XrcpkIoNbNQ7wcNe0cIcLd0CgYEA6dEU
	hu7bZkhyR9mzTVKMFMHuulY3tGretvyCoYP/1jGm7fXlNR6lIz5RiH80OcLK2fpP
	DwJwN4Aue9aLSxKI1xKamJI69K8Bx44S+pVQGDL2cKAMtD8zZJt/UEjepfgUQih5
	4cHTUZXTK4VHDUmyuFbyNgiIe2dtCLDJmqotWvkCgYEAj05Uj1lYjiK/1qeLobBM
	TXtbUAWke14b2sl3DzIT6v4DOwjVTHNMUqedwvskrevjpZZBpNCxqRpkJL2L5lru
	qSZ+lrHW4U/sICg55ZZG4IYbUMziRBtF4rNlf/jQS3/natkbHYGPkgHvI663WvJ7
	c+pohRGQclsscGkg6Bm+yK0CgYBvZ7l6GTDcaURaS7YM73njIgwXKKFeC1WWpnWv
	c29gpUO+Od0+FB3mzviWKtW9d7yjY4prwmOpbh+3zZ+M44Xjw+95JqOEliYo6N7O
	GnqRLScSvo+PClX4Z8afgDjlp3AvnY2FLY78XoDBSb1y7VyETJkXebVd5weijmlg
	khkOMQKBgQC7LsIPdIENWgki83cLiNOQtnHER5dKE7cMflmT+cQXDGC0/6ejQDvt
	S7zG77zGko+6HChX8qFJC/drzCurC6P8GGe5Cv5TzbC8qAfk+93MOKs1FpxlIV6S
	qvvTz/JV6V5pJCAOhTau4ssyTmyZwNMfBlt1xD+KaMPhYZsWdntmbA==
	";

	var clientEORI = "EU.EORI.NL000000001";
	var satelliteID = "EU.EORI.NL000000000";
	var satelliteURL = "https://scheme.isharetest.net";


	//HEADER fields
	var x5c = new String[] {clientCertificate.Replace("\n", String.Empty).Replace("\r", String.Empty) };
	RSA rsa = RSA.Create();
	rsa.ImportRSAPrivateKey(Convert.FromBase64String(clientPrivateKey), out _);
	var jwtHeader = new JwtHeader(
	new SigningCredentials(
	key: new RsaSecurityKey(rsa),
	algorithm: SecurityAlgorithms.RsaSha256));
	jwtHeader.Add("x5c", x5c);

	//PAYLOAD fields
	var iss = clientEORI;
	var sub = clientEORI;
	var aud = satelliteID;
	var jti = System.Guid.NewGuid();
	var iat = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
	var exp = DateTimeOffset.UtcNow.AddSeconds(30).ToUnixTimeSeconds();
	var payload = new JwtPayload();
	payload.Add("jti", jti);
	payload.Add("aud", aud);
	payload.Add("iat", iat);
	payload.Add("exp", exp);
	payload.Add("iss", iss);
	payload.Add("sub", sub);

	//Create the signed token
	var jwtToken = new JwtSecurityToken(jwtHeader, payload);
	var jwtTokenHandler = new JwtSecurityTokenHandler();
	var clientAssertion = jwtTokenHandler.WriteToken(jwtToken);
	Console.WriteLine(clientAssertion);

	//Request access token
	var requestBody = new FormUrlEncodedContent(new Dictionary<string, string>
	{
	{ "grant_type", "client_credentials" },
	{ "scope", "iSHARE" },
	{ "client_id", clientEORI },
	{ "client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer" },
	{ "client_assertion", clientAssertion }
	});
	var httpClient = new HttpClient();
	var response = await httpClient.PostAsync(satelliteURL + "/connect/token", requestBody);
	var content = await response.Content.ReadAsStringAsync();
	Console.WriteLine(content);