DiscoveryEndpoint validate(DiscoveryEndpoint discoveryEndpoint, string issuer) { if (!DiscoveryPolicy.ValidateIssuerName) { return(discoveryEndpoint); } if (DiscoveryPolicy.RequireHttps && !DiscoveryEndpoint.IsSecureScheme(new Uri(discoveryEndpoint.Url), DiscoveryPolicy)) { throw new InvalidOperationException($"Error connecting to {discoveryEndpoint.Url}. HTTPS required."); } var strategy = DiscoveryPolicy.AuthorityValidationStrategy ?? DiscoveryPolicy.DefaultAuthorityValidationStrategy; var issuerValidationResult = strategy.IsIssuerNameValid(issuer, discoveryEndpoint.Authority); if (!issuerValidationResult.Success) { throw new InvalidOperationException($"Error connecting to {discoveryEndpoint.Url}. {issuerValidationResult.ErrorMessage}."); } return(discoveryEndpoint); }
DiscoveryEndpoint getDiscoveryEndpoint(SecurityToken jwtSecurityToken) { var disco = DiscoveryEndpoint.ParseUrl(jwtSecurityToken.Issuer); return(validate(disco, jwtSecurityToken.Issuer)); }