/// <summary> /// Try to validate the token header, according to the <paramref name="header"/>. /// </summary> /// <param name="header"></param> /// <returns></returns> public TokenValidationResult TryValidateHeader(JwtHeader header) { if (!_ignoreCriticalHeader) { var handlers = header.CriticalHeaderHandlers; if (handlers != null) { for (int i = 0; i < handlers.Count; i++) { KeyValuePair <string, ICriticalHeaderHandler> handler = handlers[i]; if (handler.Value is null) { return(TokenValidationResult.CriticalHeaderUnsupported(handler.Key)); } if (!handler.Value.TryHandle(header, handler.Key)) { return(TokenValidationResult.InvalidHeader(handler.Key)); } } } } return(TokenValidationResult.Success()); }
/// <summary> /// Try to validate the token, according to the <paramref name="jwt"/>. /// </summary> /// <param name="jwt"></param> /// <returns></returns> public TokenValidationResult TryValidateJwt(Jwt jwt) { var payload = jwt.Payload !; if (payload.ValidationControl != 0) { if (payload.MissingAudience) { return(TokenValidationResult.MissingClaim(jwt, Claims.AudUtf8)); } if (payload.InvalidAudience) { return(TokenValidationResult.InvalidClaim(jwt, Claims.AudUtf8)); } if (payload.MissingIssuer) { return(TokenValidationResult.MissingClaim(jwt, Claims.IssUtf8)); } if (payload.InvalidIssuer) { return(TokenValidationResult.InvalidClaim(jwt, Claims.IssUtf8)); } if (payload.MissingExpirationTime) { return(TokenValidationResult.MissingClaim(jwt, Claims.ExpUtf8)); } if (payload.Expired) { return(TokenValidationResult.Expired(jwt)); } if (payload.NotYetValid) { return(TokenValidationResult.NotYetValid(jwt)); } } var validators = _validators; for (int i = 0; i < validators.Length; i++) { var result = validators[i].TryValidate(jwt); if (!result.Succedeed) { return(result); } } return(TokenValidationResult.Success(jwt)); }
/// <inheritdoc /> public TokenValidationResult TryValidate(Jwt jwt) { if (jwt is null) { ThrowHelper.ThrowArgumentNullException(ExceptionArgument.jwt); } if (jwt.Payload is null) { return(TokenValidationResult.MalformedToken()); } if (jwt.Payload.TryGetValue(OidcClaims.AuthTimeUtf8, out var _)) { return(TokenValidationResult.Success(jwt)); } return(TokenValidationResult.MissingClaim(jwt, OidcClaims.AuthTimeUtf8)); }
public TokenValidationResult TryValidate(Jwt jwt) { if (jwt is null) { ThrowHelper.ThrowArgumentNullException(ExceptionArgument.jwt); } if (jwt.Payload is null) { return(TokenValidationResult.MalformedToken()); } if (!jwt.Payload.TryGetValue(OidcClaims.AcrUtf8, out var property)) { return(TokenValidationResult.MissingClaim(jwt, OidcClaims.AcrUtf8)); } if (string.Equals(_requiredAcr, (string?)property.Value, StringComparison.Ordinal)) { return(TokenValidationResult.InvalidClaim(jwt, OidcClaims.AcrUtf8)); } return(TokenValidationResult.Success(jwt)); }