< Summary - Kestrun — Combined Coverage

Information
Class: Kestrun.Authentication.AssertionService
Assembly: Kestrun
File(s): /home/runner/work/Kestrun/Kestrun/src/CSharp/Kestrun/Authentication/AssertionService.cs
Tag: Kestrun/Kestrun@0d738bf294e6281b936d031e1979d928007495ff
Line coverage
95%
Covered lines: 23
Uncovered lines: 1
Coverable lines: 24
Total lines: 60
Line coverage: 95.8%
Branch coverage
N/A
Covered branches: 0
Total branches: 0
Branch coverage: N/A
Method coverage

Feature is only available for sponsors

Upgrade to PRO version

Coverage history

Coverage history 0 25 50 75 100 11/19/2025 - 02:25:56 Line coverage: 95.8% (23/24) Total lines: 60 Tag: Kestrun/Kestrun@98ff905e5605a920343154665980a71211a03c6d

Metrics

MethodBranch coverage Crap Score Cyclomatic complexity Line coverage
get_ClientId()100%210%
.ctor(...)100%11100%
CreateClientAssertion(...)100%11100%

File(s)

/home/runner/work/Kestrun/Kestrun/src/CSharp/Kestrun/Authentication/AssertionService.cs

#LineLine coverage
 1using System.Security.Claims;
 2using Microsoft.IdentityModel.Tokens;
 3
 4namespace Kestrun.Authentication;
 5/// <summary>
 6/// Service to create OpenID Connect client assertions.
 7/// </summary>
 8public class AssertionService
 9{
 10    private readonly JsonWebKey _jwk;
 11    private readonly SigningCredentials _credentials;
 12    private readonly string _clientId;
 13
 14    /// <summary>
 15    /// Gets the Client ID.
 16    /// </summary>
 017    public string ClientId => _clientId;
 18
 19    /// <summary>
 20    /// Initializes a new instance of the <see cref="AssertionService"/> class.
 21    /// </summary>
 22    /// <param name="clientId">The client identifier.</param>
 23    /// <param name="jwkJson"></param>
 1224    public AssertionService(string clientId, string? jwkJson)
 25    {
 1226        _clientId = clientId;
 1227        _jwk = new JsonWebKey(jwkJson);
 1228        _credentials = new SigningCredentials(_jwk, SecurityAlgorithms.RsaSha256);
 1229    }
 30
 31    /// <summary>
 32    /// Creates a client assertion for the specified token endpoint.
 33    /// </summary>
 34    /// <param name="tokenEndpoint"> The token endpoint for which the assertion is created.</param>
 35    /// <returns></returns>
 36    public string CreateClientAssertion(string tokenEndpoint)
 37    {
 1238        var now = DateTime.UtcNow;
 39
 1240        var claims = new List<Claim>
 1241        {
 1242            new("iss", _clientId),
 1243            new("sub", _clientId),
 1244            new(Microsoft.IdentityModel.JsonWebTokens.JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
 1245            new(Microsoft.IdentityModel.JsonWebTokens.JwtRegisteredClaimNames.Iat,
 1246                new DateTimeOffset(now).ToUnixTimeSeconds().ToString(),
 1247                ClaimValueTypes.Integer64)
 1248        };
 49
 1250        var token = new System.IdentityModel.Tokens.Jwt.JwtSecurityToken(
 1251            issuer: _clientId,
 1252            audience: tokenEndpoint,
 1253            claims: claims,
 1254            notBefore: now,
 1255            expires: now.AddMinutes(1),
 1256            signingCredentials: _credentials);
 57
 1258        return new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler().WriteToken(token);
 59    }
 60}
Generated by: ReportGenerator 5.5.1.0
12/18/2025 - 21:41:58
GitHub | reportgenerator.io

Methods/Properties

get_ClientId()
.ctor(System.String,System.String)
CreateClientAssertion(System.String)