public static ClaimsPrincipal Validate(string token)
{
_logger?.DebugMessage("Validating bearer token.");
var jwt = new JwtSecurityToken(token);
var userIdClaim = jwt.Claims.SingleOrDefault(c => c.Type == "userId");
if (userIdClaim != null)
{
_logger?.DebugMessage($"Validating user token: {userIdClaim?.Value}");
try
{
return(TokenValidatorV2.ValidateToken(token, _logger));
}
catch (Exception ex)
{
_logger?.Exception(ex);
throw;
}
}
else
{
try
{
_logger?.DebugMessage($"Validating client token {jwt.Claims.SingleOrDefault(c => c.Type == "appid")?.Value}");
return(TokenValidatorV1.ValidateToken(token, _logger));
}
catch (Exception ex)
{
_logger?.Exception(ex);
throw;
}
}
}
internal LogScope(string message, ILogging logging, int lineNumber = 0, string caller = null, string filepaht = null)
{
_logging = logging;
_lineNumber = lineNumber;
_caller = caller;
_filepaht = filepaht;
_message = $"{message}";
_timer = Stopwatch.StartNew();
_logging?.DebugMessage($"Beginning action {caller} at line {lineNumber} in {filepaht}");
if (message.ContainsCharacters())
{
_logging?.DebugMessage(message);
}
}
internal static void DebugMessage(string message, LogType eventLogEntryType = LogType.Information)
{
if (Logging.IsInstance())
{
Logging.DebugMessage(message, eventLogEntryType);
}
}
public static ClaimsPrincipal ValidateToken(string accessToken, ILogging logger)
{
var handler = new JwtSecurityTokenHandler();
//{
// Configuration = new SecurityTokenHandlerConfiguration { /*CertificateValidationMode = X509CertificateValidationMode.None*/ }
//};
try
{
SecurityToken validatedToken;
var securityToken = handler.ValidateToken(accessToken, new TokenValidationParameters
{
ValidAudience = Resource,
ValidIssuers = new[] { B2CGlobalConfiguration.ValidIssuer, B2CGlobalConfiguration.ValidIssuer + "/" },
IssuerSigningKeys = Settings.SecurityTokens
}, out validatedToken);
var principal = new ClaimsPrincipal(securityToken);
Thread.CurrentPrincipal = principal;
logger?.DebugMessage($"User: {principal.Identity.Name}");
return(principal);
}
catch (Exception ex)
{
logger?.Exception(ex);
throw new UnauthorizedAccessException("Unable to validate token", ex);
}
}
protected void Log(string query, Exception ex)
{
if (!OutputDebugLog)
{
return;
}
if (_logger != null)
{
_logger.DebugMessage($"Failed query: {query}", LogType.Information, this.GetType().FullName);
_logger.Exception(ex, "CosmosDb gremlin connector");
}
else
{
Logging.DebugMessage($"Failed query: {query}", LogType.Information, this.GetType().FullName);
Logging.Exception(ex, this.GetType().FullName);
}
Console.WriteLine(query);
}
public static ClaimsPrincipal ValidateToken(string accessToken, ILogging logger)
{
var handler = new JwtSecurityTokenHandler();
//handler..Configuration = new SecurityTokenHandlerConfiguration { CertificateValidationMode = X509CertificateValidationMode.None };
var audience = B2CGlobalConfiguration.AudienceV1;
if (!audience.StartsWith("https://"))
{
audience = string.Format("https://{0}/", audience);
}
logger?.DebugMessage($"Vaidating token: {audience} {B2CGlobalConfiguration.ValidIssuerV1} {B2CGlobalConfiguration.AadTenant}");
var validationParameters = new TokenValidationParameters()
{
ValidAudience = audience,
ValidIssuer = B2CGlobalConfiguration.ValidIssuerV1,
IssuerSigningKeys = GetSigningCertificates(string.Format("https://login.microsoftonline.com/{0}/federationmetadata/2007-06/federationmetadata.xml", B2CGlobalConfiguration.AadTenant))
//IssuerSigningKeyResolver= (token, securityToken, kid, parameters) =>
//{
// return new
//} //GetSigningCertificates(string.Format("https://login.microsoftonline.com/{0}/federationmetadata/2007-06/federationmetadata.xml", B2CGlobalConfiguration.AadTenant))
};
SecurityToken validatedToken;
try
{
var securityToken = handler.ValidateToken(accessToken, validationParameters, out validatedToken);
((ClaimsIdentity)securityToken.Identity).AddClaim(new Claim("token", accessToken));
// Logging.DebugMessage($"Token is validated");
var principal = new ClaimsPrincipal(securityToken);
var identity = principal.Identity as ClaimsIdentity;
//Logging.DebugMessage($"User: {Resolver.Activate<IIdentityLookup>().GetUserName(identity)} validated");
Thread.CurrentPrincipal = principal;
logger?.DebugMessage($"V1 token validation success: {identity?.Claims?.SingleOrDefault(c => c.Type == "appid")?.Value}");
return(principal);
// Logging.DebugMessage("Principal set on http context")
}
catch (Exception ex)
{
throw new UnauthorizedAccessException("Unable to validate bearer token", ex);
}
}
protected bool Log(string query, Exception ex)
{
if (!OutputDebugLog)
{
return(false);
}
if (_logger != null)
{
_logger.DebugMessage($"Failed query: {query}", LogType.Information, this.GetType().FullName);
_logger.Exception(ex, $"{GetType().FullName}({ex.GetType()})");
}
else
{
Logging.DebugMessage($"Failed query: {query}", LogType.Information, this.GetType().FullName);
Logging.Exception(ex, $"{GetType().FullName}({ex.GetType()})");
}
Console.WriteLine(query);
return(false);
}
public void Dispose()
{
_timer.Stop();
_logging?.DebugMessage($"ending action {_caller} at line {_lineNumber} in {_filepaht}. Execution time {_timer.ElapsedMilliseconds}ms");
}
