public bool TryValidate(JwtHeaderDocument header, JwtPayloadDocument payload, [NotNullWhen(false)] out TokenValidationError?error)
{
if (payload is null)
{
error = TokenValidationError.MalformedToken();
return(false);
}
if (!payload.TryGetClaim(_claim, out var claim))
{
error = TokenValidationError.MissingClaim(_claim);
return(false);
}
if (!claim.TryGetDouble(out var value) || _value != value)
{
error = TokenValidationError.InvalidClaim(_claim);
return(false);
}
#if NET5_0_OR_GREATER
Unsafe.SkipInit(out error);
#else
error = default;
#endif
return(true);
}
public bool TryValidate(JwtHeaderDocument header, JwtPayloadDocument payload, [NotNullWhen(false)] out TokenValidationError?error)
{
if (!payload.TryGetClaim(JwtClaimNames.Exp.EncodedUtf8Bytes, out var expires))
{
error = TokenValidationError.MissingClaim(JwtClaimNames.Exp.ToString());
return(false);
}
if (!payload.TryGetClaim(JwtClaimNames.Jti.EncodedUtf8Bytes, out var jti))
{
error = TokenValidationError.MissingClaim(JwtClaimNames.Jti.ToString());
return(false);
}
if (!_tokenReplayCache.TryAdd(jti.GetString(), expires.GetInt64()))
{
error = TokenValidationError.TokenReplayed();
return(false);
}
#if NET5_0_OR_GREATER
Unsafe.SkipInit(out error);
#else
error = default;
#endif
return(true);
}
public bool TryValidate(JwtHeaderDocument header, JwtPayloadDocument payload, [NotNullWhen(false)] out TokenValidationError?error)
{
if (payload is null)
{
error = TokenValidationError.MalformedToken();
return(false);
}
if (payload.ContainsClaim(_claim))
{
error = null;
return(true);
}
error = TokenValidationError.MissingClaim(_claim);
return(false);
}
public bool TryValidate(JwtHeaderDocument header, JwtPayloadDocument payload, [NotNullWhen(false)] out TokenValidationError?error)
{
if (payload is null)
{
error = TokenValidationError.MalformedToken();
return(false);
}
if (payload.ContainsClaim(OAuth2Claims.AuthTime.EncodedUtf8Bytes))
{
error = null;
return(true);
}
error = TokenValidationError.MissingClaim(OAuth2Claims.AuthTime.ToString());
return(false);
}
public bool TryValidate(JwtHeaderDocument header, JwtPayloadDocument payload, [NotNullWhen(false)] out TokenValidationError?error)
{
if (payload is null)
{
error = TokenValidationError.MalformedToken();
return(false);
}
if (payload.ContainsClaim(_claim))
{
#if NET5_0_OR_GREATER
Unsafe.SkipInit(out error);
#else
error = default;
#endif
return(true);
}
error = TokenValidationError.MissingClaim(_claim);
return(false);
}
public bool TryValidate(JwtHeaderDocument header, JwtPayloadDocument payload, [NotNullWhen(false)] out TokenValidationError?error)
{
if (payload is null)
{
error = TokenValidationError.MalformedToken();
return(false);
}
if (!payload.TryGetClaim(_claim, out var claim))
{
error = TokenValidationError.MissingClaim(_claim);
return(false);
}
if (!claim.TryGetDouble(out var value) || _value != value)
{
error = TokenValidationError.InvalidClaim(_claim);
return(false);
}
error = null;
return(true);
}
public bool TryValidate(JwtHeaderDocument header, JwtPayloadDocument payload, [NotNullWhen(false)] out TokenValidationError?error)
{
if (payload is null)
{
error = TokenValidationError.MalformedToken();
return(false);
}
if (!payload.TryGetClaim(OAuth2Claims.Acr.EncodedUtf8Bytes, out var property))
{
error = TokenValidationError.MissingClaim(OAuth2Claims.Acr.ToString());
return(false);
}
if (!property.ValueEquals(_requiredAcr))
{
error = TokenValidationError.InvalidClaim(OAuth2Claims.Acr.ToString());
return(false);
}
error = null;
return(true);
}
public bool TryValidate(JwtHeaderDocument header, JwtPayloadDocument payload, [NotNullWhen(false)] out TokenValidationError?error)
{
if (!payload.TryGetClaim(JwtClaimNames.Exp.EncodedUtf8Bytes, out var expires))
{
error = TokenValidationError.MissingClaim(JwtClaimNames.Exp.ToString());
return(false);
}
if (!payload.TryGetClaim(JwtClaimNames.Jti.EncodedUtf8Bytes, out var jti))
{
error = TokenValidationError.MissingClaim(JwtClaimNames.Jti.ToString());
return(false);
}
if (!_tokenReplayCache.TryAdd(jti.GetString(), expires.GetInt64()))
{
error = TokenValidationError.TokenReplayed();
return(false);
}
error = null;
return(true);
}
/// <summary>Try to validate the token, according to the <paramref name="header"/> and the <paramref name="payload"/>.</summary>
public bool TryValidateJwt(JwtHeaderDocument header, JwtPayloadDocument payload, [NotNullWhen(false)] out TokenValidationError?error)
{
if (payload.Control != 0)
{
if (RequireAudience)
{
if (payload.MissingAudience)
{
error = TokenValidationError.MissingClaim(JwtClaimNames.Aud.ToString());
goto Error;
}
if (payload.InvalidAudience)
{
error = TokenValidationError.InvalidClaim(JwtClaimNames.Aud.ToString());
goto Error;
}
}
if (RequireIssuer)
{
if (payload.MissingIssuer)
{
error = TokenValidationError.MissingClaim(JwtClaimNames.Iss.ToString());
goto Error;
}
if (payload.InvalidIssuer)
{
error = TokenValidationError.InvalidClaim(JwtClaimNames.Iss.ToString());
goto Error;
}
}
if (RequireExpirationTime)
{
if (payload.MissingExpirationTime)
{
error = TokenValidationError.MissingClaim(JwtClaimNames.Exp.ToString());
goto Error;
}
if (payload.Expired)
{
error = TokenValidationError.Expired();
goto Error;
}
}
if (payload.NotYetValid)
{
error = TokenValidationError.NotYetValid();
goto Error;
}
}
var validators = _validators;
for (int i = 0; i < validators.Length; i++)
{
if (!validators[i].TryValidate(header, payload, out error))
{
goto Error;
}
}
#if NET5_0_OR_GREATER
Unsafe.SkipInit(out error);
#else
error = default;
#endif
return(true);
Error:
return(false);
}