// just for demo
public ClaimsPrincipal GetPrincipalFromToken(string token, string signInKey)
=> _jwtTokenHandler.ValidateToken(token, new TokenValidationParameters
{
ValidateAudience = false,
ValidateIssuer = false,
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signInKey)),
ValidateLifetime = false
});
public ClaimsPrincipal GetPrincipalFromToken(string token, string signingKey)
{
return(jwtTokenHandler.ValidateToken(token, new TokenValidationParameters
{
ValidateAudience = false,
ValidateIssuer = false,
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingKey)),
ValidateLifetime = true // we check expired tokens here
}));
}
public ClaimsPrincipal GetPrincipalFromToken(string token, string signingKey, bool validateLifetime)
{
return(_jwtTokenHandler.ValidateToken(token, new TokenValidationParameters
{
ValidateAudience = true,
ValidAudience = "https://reporting.respaunce.com",
ValidateIssuer = true,
ValidIssuer = "Respaunce",
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingKey)),
ValidateLifetime = validateLifetime,
ClockSkew = TimeSpan.Zero
}));
}
public ClaimsPrincipal GetPrincipalFromToken(string token, string signingKey)
{
var tokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = _jwtOptions.Issuer,
ValidateAudience = true,
ValidAudience = _jwtOptions.Audience,
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_authSettings.SecretKey)),
RequireExpirationTime = true,//false,
ValidateLifetime = true,
ClockSkew = TimeSpan.Zero
};
return(_jwtTokenHandler.ValidateToken(token, tokenValidationParameters));
}
public ClaimsPrincipal GetPrincipalFromToken(string token, string signingKey)
{
var tokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = _jwtOptions.Issuer,
ValidateAudience = true,
ValidAudience = _jwtOptions.Audience,
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingKey)),
RequireExpirationTime = true,
ValidateLifetime = false, // This function is called from ExchangeRefreshToken. If set to true, SecurityTokenExpiredException is thrown and there is no way to exchange RefreshToken for a new AccessToken!
ClockSkew = TimeSpan.Zero
};
return(_jwtTokenHandler.ValidateToken(token, tokenValidationParameters));
}