feature(#20): this commit introduces support for multiple audiences

Author: https-richardy

Applications/Backend/Source/HttpsRichardy.Federation.Infrastructure/Security/ClaimsBuilder.cs

@@ -39,6 +39,16 @@ public ClaimsBuilder WithPermissions(IEnumerable<Permission> permissions)
         return this;
     }
 
+    public ClaimsBuilder WithAudiences(IEnumerable<string> audiences)
+    {
+        foreach (var audience in audiences)
+        {
+            _claims.Add(new Claim(JwtRegisteredClaimNames.Aud, audience));
+        }
+
+        return this;
+    }
+
     public ClaimsBuilder WithClaim(string type, string value)
     {
         _claims.Add(new Claim(type, value));

Applications/Backend/Source/HttpsRichardy.Federation.Infrastructure/Security/JwtSecurityTokenService.cs

@@ -71,9 +71,11 @@ public async Task<Result<SecurityToken>> GenerateAccessTokenAsync(Client client,
         var realm = realmProvider.GetCurrentRealm();
 
         var claims = new ClaimsBuilder()
+            .WithSubject(client.Id)
             .WithRealmName(realm.Name)
             .WithClientId(client.Id)
             .WithPermissions(client.Permissions)
+            .WithAudiences(client.Audiences.Select(audience => audience.Value))
             .Build();
 
         var privateKey = await GetPrivateKeyAsync(cancellation);