private ClaimDescriptionList ValidateToken(string authToken)
        {
            var issuer = string.Format(this.settings.TokenIssuerFormat, this.settings.TenantId);

            var validatedClaims = ServerUtility.Validate(
                issuer,
                this.settings.ClusterApplication,
                this.settings.RoleClaimKey,
                this.settings.AdminRoleClaimValue,
                this.settings.UserRoleClaimValue,
                string.Format(this.settings.CertEndpointFormat, this.settings.TenantId),
                TimeSpan.FromSeconds(this.settings.SigningCertRolloverCheckInterval).Ticks,
                authToken);

            var claimsList = new ClaimDescriptionList();
            var claims     = new List <ClaimDescription>();

            var roleClaim = new ClaimDescription(
                this.settings.RoleClaimKey,
                issuer, // issuer
                issuer, // original issuer
                issuer, // subject
                validatedClaims.IsAdmin ? this.settings.AdminRoleClaimValue : this.settings.UserRoleClaimValue,
                "N/A"); // value type

            var expirationClaim = new ClaimDescription(
                ServerUtility.ExpirationClaim,
                issuer, // issuer
                issuer, // original issuer
                issuer, // subject
                validatedClaims.Expiration.TotalSeconds.ToString(),
                "N/A"); // value type

            claims.Add(roleClaim);
            claims.Add(expirationClaim);

            claimsList.AddClaims(claims);

            return(claimsList);
        }