/// <summary>Validates the access token.</summary> /// <exception cref="ArgumentNullException">Thrown when access token is null.</exception> /// <exception cref="InvalidOperationException"> /// Thrown when the JWT does not contain a at_hash claim. /// </exception> /// <param name="jwt">The token to act on.</param> /// <param name="accessToken">The access token.</param> /// <returns>true if it succeeds, false if it fails.</returns> public static bool ValidateAccessToken(this JsonWebToken jwt, string accessToken) { if (string.IsNullOrEmpty(accessToken)) { throw new ArgumentNullException(nameof(accessToken)); } var hash = jwt.Payload.FirstOrDefault(x => x.Key == "at_hash"); if (hash.Value == null) { throw new InvalidOperationException("The JWT does not contain a at_hash claim. It is required to validate authentication codes."); } var validator = new TokenValidator(); return(validator.ValidateAccessTokenHash(accessToken, hash.Value.ToString(), jwt.Header.Algorithm)); }