/// <summary>Validates the access token.</summary>
/// <exception cref="ArgumentNullException">Thrown when access token is null.</exception>
/// <exception cref="InvalidOperationException">
/// Thrown when the JWT does not contain a at_hash claim.
/// </exception>
/// <param name="jwt">The token to act on.</param>
/// <param name="accessToken">The access token.</param>
/// <returns>true if it succeeds, false if it fails.</returns>
public static bool ValidateAccessToken(this JsonWebToken jwt, string accessToken)
{
if (string.IsNullOrEmpty(accessToken))
{
throw new ArgumentNullException(nameof(accessToken));
}
var hash = jwt.Payload.FirstOrDefault(x => x.Key == "at_hash");
if (hash.Value == null)
{
throw new InvalidOperationException("The JWT does not contain a at_hash claim. It is required to validate authentication codes.");
}
var validator = new TokenValidator();
return(validator.ValidateAccessTokenHash(accessToken, hash.Value.ToString(), jwt.Header.Algorithm));
}
