private IPrincipal ValidateJWT(string jwt)
{
var handler = new JwtSecurityTokenHandler {
CertificateValidator = X509CertificateValidator.None
};
if (!handler.CanReadToken(jwt))
{
return(null);
}
var parameters = new TokenValidationParameters
{
ValidAudience = GetValidAudiance(),
ValidateIssuer = false,
ValidateAudience = false,
IssuerSigningTokens = OpenIdConfiguration.GetIssuerSigningKeys(jwt)
};
try
{
var user = handler.ValidateToken(jwt, parameters);
var upnClaim = user.Claims.Where(c => c.Type == upnClaimType).Select(c => c.Value).FirstOrDefault();
var emailClaim = user.Claims.Where(c => c.Type == emailClaimType).Select(c => c.Value).FirstOrDefault();
var nameClaim = user.Claims.Where(c => c.Type == nameClaimType).Select(c => c.Value).FirstOrDefault();
var issuerClaim = user.Claims.Where(c => c.Type == issuerClaimType).Select(c => c.Value).FirstOrDefault();
var puidClaim = user.Claims.Where(c => c.Type == puidClaimType).Select(c => c.Value).FirstOrDefault();
var altSecId = user.Claims.Where(c => c.Type == altSecIdClaimType).Select(c => c.Value).FirstOrDefault();
var principal = new TryWebsitesPrincipal(new TryWebsitesIdentity(upnClaim ?? emailClaim ?? user.Identity.Name, altSecId ?? puidClaim, GetIssuerName(altSecId ?? puidClaim)));
return(principal);
}
catch (Exception e)
{
//failed validating
SimpleTrace.Diagnostics.Error(e, "Error reading claims {jwt}", jwt);
}
return(null);
}
private IPrincipal ValidateJWT(string jwt)
{
var handler = new JwtSecurityTokenHandler { CertificateValidator = X509CertificateValidator.None };
if (!handler.CanReadToken(jwt))
{
return null;
}
var parameters = new TokenValidationParameters
{
ValidAudience = GetValidAudiance(),
ValidateIssuer = false,
IssuerSigningTokens = OpenIdConfiguration.GetIssuerSigningKeys(jwt)
};
try
{
var user = handler.ValidateToken(jwt, parameters);
var upnClaim = user.Claims.Where(c => c.Type == upnClaimType).Select(c => c.Value).FirstOrDefault();
var emailClaim = user.Claims.Where(c => c.Type == emailClaimType).Select(c => c.Value).FirstOrDefault();
var nameClaim = user.Claims.Where(c => c.Type == nameClaimType).Select(c => c.Value).FirstOrDefault();
var issuerClaim = user.Claims.Where(c => c.Type == issuerClaimType).Select(c => c.Value).FirstOrDefault();
var puidClaim = user.Claims.Where(c => c.Type == puidClaimType ).Select(c => c.Value).FirstOrDefault();
var altSecId = user.Claims.Where(c => c.Type == altSecIdClaimType).Select(c => c.Value).FirstOrDefault();
var principal = new TryWebsitesPrincipal(new TryWebsitesIdentity(upnClaim ?? emailClaim ?? user.Identity.Name, altSecId ?? puidClaim, GetIssuerName(altSecId ?? puidClaim)));
return principal;
}
catch (Exception e)
{
//failed validating
SimpleTrace.Diagnostics.Error(e, "Error reading claims {jwt}", jwt);
}
return null;
}