public CustomValidatingJwtFormat( TokenValidationParameters tvps, IReadOnlyDictionary <string, string> additionalTokenValidationParamters, OpenIdConnectCachingSecurityTokenProvider securityTokenProvider) : base(tvps, securityTokenProvider) { if (_additionalTokenValidationParamters == null) { _additionalTokenValidationParamters = new Dictionary <string, string>(); } _additionalTokenValidationParamters = additionalTokenValidationParamters; }
/// <summary> /// Specifies validation options for the access token. /// </summary> /// <param name="tenantUrl"></param> /// <param name="clientId"></param> /// <returns></returns> private static CustomValidatingJwtFormat GetAccessTokenFormat(string tenantUrl, string clientId) { var tokenValidationParameters = new TokenValidationParameters { ValidAudience = tenantUrl, ValidateAudience = true, ValidIssuer = tenantUrl, ValidateIssuer = true, }; var additionalTokenValidationParamters = new Dictionary <string, string> { // Validate Client ID claim ["cid"] = clientId }; var securityTokenProvider = new OpenIdConnectCachingSecurityTokenProvider( tenantUrl + "/.well-known/openid-configuration"); return(new CustomValidatingJwtFormat(tokenValidationParameters, additionalTokenValidationParamters, securityTokenProvider)); }