Use non-case sensitive string for any ids #3184 (#4234)

IdentityServer · Mar 31, 2020 · 88afb8f · 88afb8f
1 parent 3defc11
commit 88afb8f
Show file tree

Hide file tree

Showing 8 changed files with 9 additions and 9 deletions.
diff --git a/src/IdentityServer4/host/Startup.cs b/src/IdentityServer4/host/Startup.cs
@@ -161,7 +161,7 @@ public static IIdentityServerBuilder AddSigningCredential(this IIdentityServerBu
             var ecCert = new X509Certificate2("./keys/identityserver.test.ecdsa.p12", "changeit");
             var key = new ECDsaSecurityKey(ecCert.GetECDsaPrivateKey())
             {
-                KeyId = CryptoRandom.CreateUniqueId(16)
+                KeyId = CryptoRandom.CreateUniqueId(16, CryptoRandom.OutputFormat.Hex)
             };
 
             return builder.AddSigningCredential(

diff --git a/src/IdentityServer4/src/Configuration/CryptoHelper.cs b/src/IdentityServer4/src/Configuration/CryptoHelper.cs
@@ -24,7 +24,7 @@ public static RsaSecurityKey CreateRsaSecurityKey(int keySize = 2048)
         {
             return new RsaSecurityKey(RSA.Create(keySize))
             {
-                KeyId = CryptoRandom.CreateUniqueId(16)
+                KeyId = CryptoRandom.CreateUniqueId(16, CryptoRandom.OutputFormat.Hex)
             };
         }
 
@@ -38,7 +38,7 @@ public static ECDsaSecurityKey CreateECDsaSecurityKey(string curve = JsonWebKeyE
         {
             return new ECDsaSecurityKey(ECDsa.Create(GetCurveFromCrvValue(curve)))
             {
-                KeyId = CryptoRandom.CreateUniqueId(16)
+                KeyId = CryptoRandom.CreateUniqueId(16, CryptoRandom.OutputFormat.Hex)
             };
         }
 

diff --git a/src/IdentityServer4/src/Extensions/ValidatedAuthorizeRequestExtensions.cs b/src/IdentityServer4/src/Extensions/ValidatedAuthorizeRequestExtensions.cs
@@ -108,7 +108,7 @@ public static string GenerateSessionStateValue(this ValidatedAuthorizeRequest re
 
             var clientId = request.ClientId;
             var sessionId = request.SessionId;
-            var salt = CryptoRandom.CreateUniqueId(16);
+            var salt = CryptoRandom.CreateUniqueId(16, CryptoRandom.OutputFormat.Hex);
 
             var uri = new Uri(request.RedirectUri);
             var origin = uri.Scheme + "://" + uri.Host;

diff --git a/src/IdentityServer4/src/Services/Default/DefaultBackChannelLogoutService.cs b/src/IdentityServer4/src/Services/Default/DefaultBackChannelLogoutService.cs
@@ -124,7 +124,7 @@ protected Task<IEnumerable<Claim>> CreateClaimsForTokenAsync(BackChannelLogoutMo
                 new Claim(JwtClaimTypes.Subject, client.SubjectId),
                 new Claim(JwtClaimTypes.Audience, client.ClientId),
                 new Claim(JwtClaimTypes.IssuedAt, Clock.UtcNow.ToUnixTimeSeconds().ToString(), ClaimValueTypes.Integer64),
-                new Claim(JwtClaimTypes.JwtId, CryptoRandom.CreateUniqueId(16)),
+                new Claim(JwtClaimTypes.JwtId, CryptoRandom.CreateUniqueId(16, CryptoRandom.OutputFormat.Hex)),
                 new Claim(JwtClaimTypes.Events, json, IdentityServerConstants.ClaimValueTypes.Json)
             };
 

diff --git a/src/IdentityServer4/src/Services/Default/DefaultHandleGenerationService.cs b/src/IdentityServer4/src/Services/Default/DefaultHandleGenerationService.cs
@@ -20,7 +20,7 @@ public class DefaultHandleGenerationService : IHandleGenerationService
         /// <returns></returns>
         public Task<string> GenerateAsync(int length)
         {
-            return Task.FromResult(CryptoRandom.CreateUniqueId(length));
+            return Task.FromResult(CryptoRandom.CreateUniqueId(length, CryptoRandom.OutputFormat.Hex));
         }
     }
 }
diff --git a/src/IdentityServer4/src/Services/Default/DefaultTokenService.cs b/src/IdentityServer4/src/Services/Default/DefaultTokenService.cs
@@ -194,7 +194,7 @@ public virtual async Task<Token> CreateAccessTokenAsync(TokenCreationRequest req
 
             if (request.ValidatedRequest.Client.IncludeJwtId)
             {
-                claims.Add(new Claim(JwtClaimTypes.JwtId, CryptoRandom.CreateUniqueId(16)));
+                claims.Add(new Claim(JwtClaimTypes.JwtId, CryptoRandom.CreateUniqueId(16, CryptoRandom.OutputFormat.Hex)));
             }
 
             if (request.ValidatedRequest.SessionId.IsPresent())

diff --git a/src/IdentityServer4/src/Services/Default/DefaultUserSession.cs b/src/IdentityServer4/src/Services/Default/DefaultUserSession.cs
@@ -150,7 +150,7 @@ public virtual async Task<string> CreateSessionIdAsync(ClaimsPrincipal principal
 
             if (!properties.Items.ContainsKey(SessionIdKey) || currentSubjectId != newSubjectId)
             {
-                properties.Items[SessionIdKey] = CryptoRandom.CreateUniqueId(16);
+                properties.Items[SessionIdKey] = CryptoRandom.CreateUniqueId(16, CryptoRandom.OutputFormat.Hex);
             }
 
             IssueSessionIdCookie(properties.Items[SessionIdKey]);

diff --git a/src/IdentityServer4/src/Test/TestUserStore.cs b/src/IdentityServer4/src/Test/TestUserStore.cs
@@ -134,7 +134,7 @@ public TestUser AutoProvisionUser(string provider, string userId, List<Claim> cl
             }
 
             // create a new unique subject id
-            var sub = CryptoRandom.CreateUniqueId();
+            var sub = CryptoRandom.CreateUniqueId(format: CryptoRandom.OutputFormat.Hex);
 
             // check if a display name is available, otherwise fallback to subject id
             var name = filtered.FirstOrDefault(c => c.Type == JwtClaimTypes.Name)?.Value ?? sub;