private ClaimDescriptionList ValidateToken(string authToken)
{
var issuer = string.Format(this.settings.TokenIssuerFormat, this.settings.TenantId);
var validatedClaims = ServerUtility.Validate(
issuer,
this.settings.ClusterApplication,
this.settings.RoleClaimKey,
this.settings.AdminRoleClaimValue,
this.settings.UserRoleClaimValue,
string.Format(this.settings.CertEndpointFormat, this.settings.TenantId),
TimeSpan.FromSeconds(this.settings.SigningCertRolloverCheckInterval).Ticks,
authToken);
var claimsList = new ClaimDescriptionList();
var claims = new List <ClaimDescription>();
var roleClaim = new ClaimDescription(
this.settings.RoleClaimKey,
issuer, // issuer
issuer, // original issuer
issuer, // subject
validatedClaims.IsAdmin ? this.settings.AdminRoleClaimValue : this.settings.UserRoleClaimValue,
"N/A"); // value type
var expirationClaim = new ClaimDescription(
ServerUtility.ExpirationClaim,
issuer, // issuer
issuer, // original issuer
issuer, // subject
validatedClaims.Expiration.TotalSeconds.ToString(),
"N/A"); // value type
claims.Add(roleClaim);
claims.Add(expirationClaim);
claimsList.AddClaims(claims);
return(claimsList);
}
