/// <summary>Validates the authorization code.</summary>
/// <exception cref="ArgumentNullException">Thrown when code is null.</exception>
/// <exception cref="InvalidOperationException">
/// Thrown when the JWT does not contain a c_hash claim.
/// </exception>
/// <param name="jwt">The token to act on.</param>
/// <param name="code">The code.</param>
/// <returns>true if it succeeds, false if it fails.</returns>
public static bool ValidateAuthorizationCode(this JsonWebToken jwt, string code)
{
if (string.IsNullOrEmpty(code))
{
throw new ArgumentNullException(nameof(code));
}
var hash = jwt.Payload.FirstOrDefault(x => x.Key == "c_hash");
if (hash.Value == null)
{
throw new InvalidOperationException("The JWT does not contain a c_hash claim. It is required to validate authentication codes.");
}
var validator = new TokenValidator();
return(validator.ValidateAuthorizationCodeHash(code, hash.Value.ToString(), jwt.Header.Algorithm));
}