/// <summary>
/// Validate the token taken from the http context
/// </summary>
/// <param name="token"></param>
/// <returns></returns>
private TokenResult ValidateToken(String token)
{
TokenResult result = new TokenResult()
{
Success = false
};
// Hide personal information if not in debugging mode
Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = Debugging;
ConfigurationManager <OpenIdConnectConfiguration> configManager =
new ConfigurationManager <OpenIdConnectConfiguration>($"{Authority}/.well-known/openid-configuration", new OpenIdConnectConfigurationRetriever());
OpenIdConnectConfiguration config = configManager.GetConfigurationAsync().Result;
ISecurityTokenValidator tokenValidator = new JwtSecurityTokenHandler();
List <String> audienceList = ValidAudiences.Split(',').ToList();
List <String> issuerList = ValidIssuers.Split(',').ToList();
TokenValidationParameters validationParameters = new TokenValidationParameters()
{
ValidAudiences = audienceList,
ValidIssuers = issuerList,
IssuerSigningKeys = config.SigningKeys
};
try
{
result.Principal = tokenValidator.ValidateToken(token, validationParameters, out SecurityToken securityToken);
}
catch (Exception ex)
{
throw ex;
}
return(result);
}
public bool IsSecurityEnabled() => !string.IsNullOrEmpty(ClientId) || !string.IsNullOrEmpty(TenantId) || !string.IsNullOrEmpty(Instance) || !string.IsNullOrEmpty(Audience) || !string.IsNullOrEmpty(Issuer) || ValidAudiences.Any() || ValidIssuers.Any();
public JwtTokenParserBuilder AddValidAudience(params string?[] validAudience) => this.Action(x => validAudience.ForEach(y => ValidAudiences.Add(y)));
