private async Task <JwtSecurityToken> ValidateToken(string token, string issuer, IConfigurationManager <OpenIdConnectConfiguration> configurationManager, CancellationToken ct = default(CancellationToken)) { OpenIdConnectAuthProviderApi connectAuthProviderApi = this; if (string.IsNullOrEmpty(token)) { throw new ArgumentNullException(nameof(token)); } if (string.IsNullOrEmpty(issuer)) { throw new ArgumentNullException(nameof(issuer)); } ICollection <SecurityKey> signingKeys = (await configurationManager.GetConfigurationAsync(ct)).SigningKeys; TokenValidationParameters validationParameters = new TokenValidationParameters(); validationParameters.ValidateIssuer = true; validationParameters.ValidIssuer = issuer; validationParameters.ValidateIssuerSigningKey = true; validationParameters.IssuerSigningKeys = (IEnumerable <SecurityKey>)signingKeys; validationParameters.ValidateLifetime = true; validationParameters.ClockSkew = (TimeSpan.FromMinutes(5.0)); validationParameters.ValidateAudience = (false); SecurityToken securityToken; ClaimsPrincipal claimsPrincipal = ((SecurityTokenHandler) new JwtSecurityTokenHandler()).ValidateToken(token, validationParameters, out securityToken); // ISSUE: explicit non-virtual call if (connectAuthProviderApi != null && connectAuthProviderApi.ProviderInfo != null && (connectAuthProviderApi.ProviderInfo).ClientId != claimsPrincipal.Claims.First <Claim>((Func <Claim, bool>)(c => c.Type == "aud")).Value) { throw new ApplicationException("ClientId couldn't verified."); } return((JwtSecurityToken)securityToken); }
public override async Task <ExternalAuthUserInfo> GetUserInfo(string token) { OpenIdConnectAuthProviderApi connectAuthProviderApi = this; // ISSUE: explicit non-virtual call string additionalParam = connectAuthProviderApi != null && connectAuthProviderApi.ProviderInfo != null ? (connectAuthProviderApi.ProviderInfo).AdditionalParams["Authority"] : string.Empty; if (string.IsNullOrEmpty(additionalParam)) { throw new ApplicationException("Authentication:OpenId:Issuer configuration is required."); } ConfigurationManager <OpenIdConnectConfiguration> configurationManager = new ConfigurationManager <OpenIdConnectConfiguration>(additionalParam + "/.well-known/openid-configuration", (IConfigurationRetriever <OpenIdConnectConfiguration>) new OpenIdConnectConfigurationRetriever(), (IDocumentRetriever) new HttpDocumentRetriever()); JwtSecurityToken jwtSecurityToken = await connectAuthProviderApi.ValidateToken(token, additionalParam, (IConfigurationManager <OpenIdConnectConfiguration>) configurationManager, new CancellationToken()); string str1 = jwtSecurityToken.Claims.First <Claim>((Func <Claim, bool>)(c => c.Type == "name")).Value; string str2 = jwtSecurityToken.Claims.First <Claim>((Func <Claim, bool>)(c => c.Type == "unique_name")).Value; int num1 = 32; string[] strArray = str1.Split((char)num1); return(new ExternalAuthUserInfo() { Provider = "OpenIdConnect", ProviderKey = jwtSecurityToken.Subject, Name = strArray[0], Surname = strArray[1], EmailAddress = str2 }); }