/// <summary>
/// This method parses the incoming token and validates it.
/// </summary>
/// <param name="accessToken">The incoming access token.</param>
/// <param name="error">This out paramter is set if any error occurs.</param>
/// <returns>True on success, False on error.</returns>
protected bool ReadAndValidateToken(string accessToken, out ResourceAccessErrorResponse error)
{
bool tokenValid = false;
error = null;
SecurityToken token = null;
ClaimsIdentityCollection claimsIdentityCollection = null;
try
{
SimpleWebTokenHandler handler = new SimpleWebTokenHandler();
// read the token
token = handler.ReadToken(accessToken);
// validate the token
claimsIdentityCollection = handler.ValidateToken(token);
// create a claims Principal from the token
IClaimsPrincipal authenticatedClaimsPrincipal =
ServiceConfiguration.ClaimsAuthenticationManager.Authenticate(
HttpContext.Current.Request.Url.AbsoluteUri, new ClaimsPrincipal(claimsIdentityCollection));
if (authenticatedClaimsPrincipal != null)
{
tokenValid = true;
// Set the ClaimsPrincipal so that it is accessible to the application
SetPrincipal(authenticatedClaimsPrincipal);
}
}
catch (InvalidTokenReceivedException ex)
{
error = new ResourceAccessErrorResponse(realm, ex.ErrorCode, ex.ErrorDescription);
}
catch (ExpiredTokenReceivedException ex)
{
error = new ResourceAccessErrorResponse(realm, ex.ErrorCode, ex.ErrorDescription);
}
catch (Exception)
{
error = new ResourceAccessErrorResponse(realm, OAuthConstants.ErrorCode.InvalidToken, "Token validation failed");
}
return(tokenValid);
}
/// <summary>
/// This method parses the incoming token and validates it.
/// </summary>
/// <param name="accessToken">The incoming access token.</param>
/// <param name="error">This out paramter is set if any error occurs.</param>
/// <returns>True on success, False on error.</returns>
protected bool ReadAndValidateToken( string accessToken, out ResourceAccessErrorResponse error )
{
bool tokenValid = false;
error = null;
SecurityToken token = null;
ClaimsIdentityCollection claimsIdentityCollection = null;
try
{
SimpleWebTokenHandler handler = new SimpleWebTokenHandler();
// read the token
token = handler.ReadToken( accessToken );
// validate the token
claimsIdentityCollection = handler.ValidateToken( token );
// create a claims Principal from the token
IClaimsPrincipal authenticatedClaimsPrincipal =
ServiceConfiguration.ClaimsAuthenticationManager.Authenticate(
HttpContext.Current.Request.Url.AbsoluteUri, new ClaimsPrincipal( claimsIdentityCollection ) );
if ( authenticatedClaimsPrincipal != null )
{
tokenValid = true;
// Set the ClaimsPrincipal so that it is accessible to the application
SetPrincipal( authenticatedClaimsPrincipal );
}
}
catch ( InvalidTokenReceivedException ex )
{
error = new ResourceAccessErrorResponse( realm, ex.ErrorCode, ex.ErrorDescription );
}
catch ( ExpiredTokenReceivedException ex )
{
error = new ResourceAccessErrorResponse( realm, ex.ErrorCode, ex.ErrorDescription );
}
catch ( Exception )
{
error = new ResourceAccessErrorResponse( realm, OAuthConstants.ErrorCode.InvalidToken, "Token validation failed" );
}
return tokenValid;
}