C# (CSharp) SkipSignatureJwtSecurityTokenHandler Beispiele

Beispiel #1

Datei: MobileAppTokenHandler.cs Projekt: danielloczi/azure-mobile-apps-net-server

        /// <summary>
        /// This method is ONLY to be used in cases where the SkipTokenSignatureValidation option is turned on
        /// and we can safely assume that any incoming tokens are valid and their claims can be trusted.
        /// </summary>
        /// <param name="tokenValue">The token to be parsed.</param>
        /// <param name="claimsPrincipal">The resulting claims principal.</param>
        /// <returns>True if the token can be parsed successfully.</returns>
        internal static bool GetClaimsPrincipalForPrevalidatedToken(string tokenValue, out ClaimsPrincipal claimsPrincipal)
        {
            TokenValidationParameters validationParameters = new TokenValidationParameters
            {
                ValidateAudience = true,
                ValidAudience    = ZumoAudienceValue,
                ValidateIssuer   = true,
                ValidIssuer      = ZumoIssuerValue,
                ValidateLifetime = false,
            };

            SkipSignatureJwtSecurityTokenHandler tokenHandler = new SkipSignatureJwtSecurityTokenHandler();

            claimsPrincipal = null;
            try
            {
                SecurityToken validatedToken;
                claimsPrincipal = tokenHandler.ValidateToken(tokenValue, validationParameters, out validatedToken);
            }
            catch (SecurityTokenException)
            {
                // can happen if the token fails validation for any reason,
                // e.g. wrong signature, etc.
                return(false);
            }
            catch (ArgumentException)
            {
                // happens if the token cannot even be read
                // i.e. it is malformed
                return(false);
            }

            return(true);
        }

Beispiel #2

Datei: MobileAppTokenHandler.cs Projekt: huoxudong125/azure-mobile-apps-net-server

        /// <summary>
        /// This method is ONLY to be used in cases where the SkipTokenSignatureValidation option is turned on
        /// and we can safely assume that any incoming tokens are valid and their claims can be trusted.
        /// </summary>
        /// <param name="tokenValue">The token to be parsed.</param>
        /// <param name="claimsPrincipal">The resulting claims principal.</param>
        /// <returns>True if the token can be parsed successfully.</returns>
        internal static bool GetClaimsPrincipalForPrevalidatedToken(string tokenValue, out ClaimsPrincipal claimsPrincipal)
        {
            TokenValidationParameters validationParameters = new TokenValidationParameters
            {
                ValidateAudience = true,
                ValidAudience = ZumoAudienceValue,
                ValidateIssuer = true,
                ValidIssuer = ZumoIssuerValue,
                ValidateLifetime = false,
            };

            SkipSignatureJwtSecurityTokenHandler tokenHandler = new SkipSignatureJwtSecurityTokenHandler();
            claimsPrincipal = null;
            try
            {
                SecurityToken validatedToken;
                claimsPrincipal = tokenHandler.ValidateToken(tokenValue, validationParameters, out validatedToken);
            }
            catch (SecurityTokenException)
            {
                // can happen if the token fails validation for any reason,
                // e.g. wrong signature, etc.
                return false;
            }
            catch (ArgumentException)
            {
                // happens if the token cannot even be read
                // i.e. it is malformed
                return false;
            }

            return true;
        }