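/// <summary>
/// Validates a token taken from the HTTP context against the signing keys published
/// in the authority's OpenID Connect metadata and the configured audience and issuer lists.
/// </summary>
/// <param name="token">The serialized token to validate.</param>
/// <returns>
/// A <see cref="TokenResult"/> whose <c>Principal</c> is the principal returned by the
/// token handler. This method leaves <c>Success</c> at <c>false</c>.
/// </returns>
/// <remarks>
/// Exceptions raised while fetching the metadata or validating the token propagate to
/// the caller; nothing is caught here, so a rejected token never yields a result.
/// </remarks>
private TokenResult ValidateToken(String token)
{
    // NOTE(review): Success is never set to true in this method, even after a successful
    // validation. Confirm the caller sets it, or relies on Principal instead.
    TokenResult result = new TokenResult() { Success = false };

    // Hide personal information if not in debugging mode.
    // ShowPII is a process-wide static, so this assignment affects every component that
    // logs through IdentityModel. Keep Debugging off in production so that token and
    // claim contents stay out of the logs.
    Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = Debugging;

    // NOTE(review): a new ConfigurationManager is built on every call, so its metadata
    // cache is never reused and each validation fetches the discovery document again.
    // Blocking on .Result can also deadlock under a synchronization context.
    // Consider holding one manager per authority in a field and awaiting the call.
    ConfigurationManager<OpenIdConnectConfiguration> configManager =
        new ConfigurationManager<OpenIdConnectConfiguration>(
            $"{Authority}/.well-known/openid-configuration",
            new OpenIdConnectConfigurationRetriever());
    OpenIdConnectConfiguration config = configManager.GetConfigurationAsync().Result;

    ISecurityTokenValidator tokenValidator = new JwtSecurityTokenHandler();

    // Trim each comma-separated entry and drop blanks. A value such as "a, b" would
    // otherwise yield " b", which can never match a token's audience or issuer.
    List<String> audienceList = ValidAudiences.Split(',')
        .Select(entry => entry.Trim())
        .Where(entry => entry.Length > 0)
        .ToList();
    List<String> issuerList = ValidIssuers.Split(',')
        .Select(entry => entry.Trim())
        .Where(entry => entry.Length > 0)
        .ToList();

    TokenValidationParameters validationParameters = new TokenValidationParameters()
    {
        ValidAudiences = audienceList,
        ValidIssuers = issuerList,
        IssuerSigningKeys = config.SigningKeys,

        // These match the library defaults. They are spelled out so that a later edit
        // cannot silently turn off signature, issuer, audience or lifetime checks.
        RequireSignedTokens = true,
        ValidateIssuer = true,
        ValidateAudience = true,
        ValidateLifetime = true
    };

    // No try/catch: the original caught Exception only to "throw ex;", which rethrows
    // the same exception but resets its stack trace. Letting it propagate keeps the
    // exception type and the original trace.
    result.Principal = tokenValidator.ValidateToken(token, validationParameters, out _);

    return result;
}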
/// <summary>
/// Reports whether any security setting has been supplied.
/// </summary>
/// <returns>
/// <c>true</c> when at least one of <c>ClientId</c>, <c>TenantId</c>, <c>Instance</c>,
/// <c>Audience</c> or <c>Issuer</c> is a non-empty string, or when <c>ValidAudiences</c>
/// or <c>ValidIssuers</c> contains an element; otherwise <c>false</c>.
/// </returns>
/// <remarks>
/// NOTE(review): if callers skip token validation when this returns <c>false</c>, a missing
/// or empty configuration leaves requests unauthenticated. Confirm that production
/// deployments fail closed.
/// </remarks>
public bool IsSecurityEnabled()
{
    // Scalar settings are checked first, in the same order as before, so the
    // collections are only enumerated when every string setting is empty.
    bool allScalarSettingsEmpty =
        string.IsNullOrEmpty(ClientId)
        && string.IsNullOrEmpty(TenantId)
        && string.IsNullOrEmpty(Instance)
        && string.IsNullOrEmpty(Audience)
        && string.IsNullOrEmpty(Issuer);

    if (!allScalarSettingsEmpty)
    {
        return true;
    }

    return ValidAudiences.Any() || ValidIssuers.Any();
}
/// <summary>
/// Adds each supplied audience to <c>ValidAudiences</c>.
/// </summary>
/// <param name="validAudience">
/// Audiences to add. Entries are added exactly as given; the element type is
/// <c>string?</c>, so null entries are not filtered out here.
/// </param>
/// <returns>The value returned by the <c>Action</c> helper (presumably this builder, for chaining; confirm).</returns>
/// <remarks>
/// NOTE(review): confirm how a null or empty entry is treated by the code that later
/// reads <c>ValidAudiences</c>, both for validation and for any "is security configured" check.
/// </remarks>
public JwtTokenParserBuilder AddValidAudience(params string?[] validAudience)
{
    return this.Action(builder => validAudience.ForEach(audience => ValidAudiences.Add(audience)));
}