Esempio n. 1
        /// <summary>
        /// Validates a JWT string with the supplied parameters, using a symmetric signing key
        /// derived from <paramref name="secretKey"/>.
        /// </summary>
        /// <remarks>
        /// This method only sets <c>IssuerSigningToken</c>. Every other setting on
        /// <paramref name="validationParams"/> is left as the caller configured it, so the
        /// strictness of validation depends on the caller.
        /// Side effect: the caller's <paramref name="validationParams"/> instance is mutated, so a
        /// shared instance will carry this key into later calls.
        /// </remarks>
        /// <param name="validationParams">Validation settings; its <c>IssuerSigningToken</c> is overwritten.</param>
        /// <param name="tokenString">The serialized JWT to validate.</param>
        /// <param name="secretKey">Key string handed to <c>HmacSigningCredentials.ParseKeyString</c>.</param>
        /// <returns>The principal returned by <c>JwtSecurityTokenHandler.ValidateToken</c>.</returns>
        internal static ClaimsPrincipal ValidateToken(TokenValidationParameters validationParams, string tokenString, string secretKey)
        {
            // Build the signing token first, then attach it to the caller's parameters.
            var keyMaterial = HmacSigningCredentials.ParseKeyString(secretKey);
            var signingToken = new BinarySecretSecurityToken(keyMaterial);
            validationParams.IssuerSigningToken = signingToken;

            // The validated SecurityToken is required by the API but not used here.
            SecurityToken ignoredToken = null;
            var handler = new JwtSecurityTokenHandler();
            ClaimsPrincipal principal = handler.ValidateToken(tokenString, validationParams, out ignoredToken);

            return principal;
        }
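        /// <summary>
        /// A helper that throws if <paramref name="tokenString"/> cannot be parsed, its signature is
        /// invalid, or its issuer, audience or lifetime claims fail validation.
        /// </summary>
        /// <remarks>
        /// Audience, issuer and signing key come from the enclosing type's <c>Audience</c>,
        /// <c>Issuer</c> and <c>SigningKey</c> members, which are defined outside this block.
        /// Tokens without an <c>exp</c> claim are still accepted. Lifetime validation stays enabled
        /// so that a present <c>nbf</c> or <c>exp</c> is always enforced.
        /// </remarks>
        /// <param name="tokenString">The JWT token string</param>
        private static void ValidateToken(string tokenString)
        {
            // The validation policy must not be derived from the token's own unverified payload.
            // The previous form (ValidateLifetime = parsedToken.Payload.Exp.HasValue) turned off
            // all lifetime checks when exp was absent, which also skipped the nbf (not-before) check.
            // RequireExpirationTime = false keeps "no expiry" tokens valid with the check enabled.
            TokenValidationParameters validationParams = new TokenValidationParameters
            {
                ValidateAudience      = true,
                ValidAudience         = Audience,
                ValidateIssuer        = true,
                ValidIssuer           = Issuer,
                ValidateLifetime      = true,
                RequireExpirationTime = false, // support tokens with no expiry
                IssuerSigningToken    = new BinarySecretSecurityToken(HmacSigningCredentials.ParseKeyString(SigningKey))
            };

            JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();
            SecurityToken           validatedToken;

            // Malformed input is rejected by the handler itself, so no separate pre-parse is needed.
            // The returned principal and validated token are discarded: this helper only validates.
            tokenHandler.ValidateToken(tokenString, validationParams, out validatedToken);
        }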