コード例 #1
        /// <summary>
        /// Validate the token taken from the http context
        /// </summary>
        /// <param name="token"></param>
        /// <returns></returns>
        private TokenResult ValidateToken(String token)
            TokenResult result = new TokenResult()
                Success = false

            // Hide personal information if not in debugging mode
            Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = Debugging;

            ConfigurationManager <OpenIdConnectConfiguration> configManager =
                new ConfigurationManager <OpenIdConnectConfiguration>($"{Authority}/.well-known/openid-configuration", new OpenIdConnectConfigurationRetriever());
            OpenIdConnectConfiguration config = configManager.GetConfigurationAsync().Result;

            ISecurityTokenValidator   tokenValidator       = new JwtSecurityTokenHandler();
            List <String>             audienceList         = ValidAudiences.Split(',').ToList();
            List <String>             issuerList           = ValidIssuers.Split(',').ToList();
            TokenValidationParameters validationParameters = new TokenValidationParameters()
                ValidAudiences    = audienceList,
                ValidIssuers      = issuerList,
                IssuerSigningKeys = config.SigningKeys

                result.Principal = tokenValidator.ValidateToken(token, validationParameters, out SecurityToken securityToken);
            catch (Exception ex)
                throw ex;

コード例 #2
        /// <summary>
        /// Starup and initialisation of the security context usually called at the start of the Azure function
        /// </summary>
        /// <param name="request">The request sent to the Azure Function</param>
        public SecurityResult <T> InitialiseSecurity(HttpRequest request)
            SecurityResult <T> result = new SecurityResult <T>();

            if (request != null)
                // If there was a Http Request then get the bearer token from that request
                String bearerToken = ExtractBearerToken(request);
                if (bearerToken != String.Empty)
                    // If there was a bearer token
                    TokenResult tokenResult = ValidateToken(bearerToken);
                    if (tokenResult.Success)
                        // Translate the permissions list from the resulting claims principal
                        result.Permissions = new List <T>()
                        result.Initialised = true;

                        // Set the local context in this class as it can also act as a base context along with returning the result
                        SecurityContext = result;

                throw new Exception("Cannot initialise security context as there is no Http Context to resolve it from");