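/// <summary>
/// Validates a JWT against the configured symmetric secret and returns the
/// principal described by its claims.
/// </summary>
/// <param name="token">Compact-serialized JWT to validate.</param>
/// <param name="sensitiveTokens">Settings object whose <c>SecretKey</c> is used as the HMAC signing key.</param>
/// <returns>The <see cref="ClaimsPrincipal"/> produced by <c>ValidateToken</c>.</returns>
/// <exception cref="SecurityTokenException">
/// Thrown with "Invalid token" when the validated token is not a
/// <see cref="JwtSecurityToken"/> or its header algorithm is not HS256.
/// Exceptions raised by <c>ValidateToken</c> itself propagate unchanged.
/// </exception>
public static ClaimsPrincipal GetPrincipalFromExpiredToken(string token, SensitiveTokens sensitiveTokens)
{
    // NOTE(review): Encoding.ASCII replaces every non-ASCII character with '?',
    // so a secret containing such characters yields a weaker key than intended.
    // The encoding must match the one used where tokens are issued (not visible
    // here), so it is left unchanged.
    var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(sensitiveTokens.SecretKey));

    var validationParameters = new TokenValidationParameters
    {
        // NOTE(review): issuer and audience are not checked, so any token signed
        // with this secret is accepted whatever its "iss"/"aud" claims say.
        // Confirm the secret is not shared with other token issuers.
        ValidateAudience = false,
        ValidateIssuer = false,
        // ValidateIssuerSigningKey controls validation of the key itself and is
        // left at its default; the signature is still verified against
        // IssuerSigningKey below.
        //ValidateIssuerSigningKey = true,
        IssuerSigningKey = signingKey,
        // NOTE(review): with lifetime validation on, an expired token makes
        // ValidateToken throw, which looks at odds with the method name.
        // Confirm the intended behavior against the refresh-flow caller before
        // changing it.
        ValidateLifetime = true
    };

    var handler = new JwtSecurityTokenHandler();
    SecurityToken validatedToken;
    var principal = handler.ValidateToken(token, validationParameters, out validatedToken);

    // Pin the algorithm after validation so that only HS256 tokens are accepted.
    // "alg" is a case-sensitive identifier, so it is compared ordinally: a
    // culture-aware comparison also ignores case and certain invisible
    // characters, which is looser than an exact match. The static
    // string.Equals also turns a missing "alg" into the SecurityTokenException
    // below instead of a NullReferenceException.
    var jwt = validatedToken as JwtSecurityToken;
    if (jwt == null || !string.Equals(jwt.Header.Alg, SecurityAlgorithms.HmacSha256, StringComparison.Ordinal))
    {
        throw new SecurityTokenException("Invalid token");
    }

    return principal;
}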
/// <summary>
/// Creates the service with its data-access, mapping and token-settings dependencies.
/// </summary>
/// <param name="unitOfWork">Unit of work stored in <c>_unitOfWork</c>.</param>
/// <param name="mapper">Mapper stored in <c>_mapper</c>.</param>
/// <param name="sensitiveTokens">
/// Options wrapper; its <c>Value</c> is read once here and kept in
/// <c>_sensitiveTokens</c>. That object carries the <c>SecretKey</c> used for
/// JWT signature validation in this file, so keep it out of logs and
/// serialized output.
/// </param>
public UserService(IUnitOfWork unitOfWork, IMapper mapper, IOptions <SensitiveTokens> sensitiveTokens)
{
    _unitOfWork = unitOfWork;
    _mapper = mapper;

    // Unwrap the options once; the field holds the settings object itself.
    var tokenSettings = sensitiveTokens.Value;
    _sensitiveTokens = tokenSettings;
}