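/// <summary>
/// Validates a JWT against the cached signing keys and the accepted audiences and
/// returns the principal built from its claims.
/// </summary>
/// <param name="endpoint">Endpoint whose <c>Uri</c> is passed to <c>AdfsHelper.GetAdfsSigningKeys</c> when no keys are cached yet.</param>
/// <param name="token">Serialized JWT to validate.</param>
/// <param name="audiences">Audience values accepted for the token.</param>
/// <returns>The <see cref="ClaimsPrincipal"/> returned by the token handler.</returns>
/// <exception cref="UtilityException">Thrown for every failure raised by the token handler, not only expiry.</exception>
public async Task<ClaimsPrincipal> ValidateJWT(AdfsEndpoint endpoint, string token, string[] audiences)
{
    // Keys are loaded on first use and kept in a single field.
    // NOTE(review): the field is not keyed by endpoint, so keys loaded for the first endpoint
    // are reused for every later one, and nothing here refreshes them after a key rollover.
    if (_securityKey == null)
    {
        _securityKey = await AdfsHelper.GetAdfsSigningKeys(endpoint.Uri);
    }

    TokenValidationParameters validationParameters = new TokenValidationParameters
    {
        // NOTE(review): issuer validation is switched off, so any token signed by one of the
        // cached keys and carrying an accepted audience passes regardless of its "iss" claim.
        // The disabled lines pinned the issuer to $"{endpoint.Uri}adfs/services/trust";
        // confirm the exact issuer string the STS emits before re-enabling.
        ValidateIssuer = false,
        //ValidIssuer = $"{endpoint.Uri}adfs/services/trust" ,
        //ValidIssuers = new[] { $"{endpoint.Uri}adfs/services/trust" },
        ValidAudiences = audiences,
        IssuerSigningKeys = _securityKey
    };

    SecurityToken validatedToken;
    JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();

    try
    {
        return handler.ValidateToken(token, validationParameters, out validatedToken);
    }
    catch (Exception)
    {
        // The token is a bearer credential: one rejected here (for example on audience) can
        // still be valid for another service. Cut the signature segment before the value is
        // copied into the error text so the message cannot be replayed as a token.
        // A value without '.' is left as received; a null token stays null.
        // NOTE(review): header and payload are still included and may hold personal data.
        int signatureStart = token == null ? -1 : token.LastIndexOf('.');
        string redactedToken = signatureStart >= 0 ? token.Substring(0, signatureStart) : token;

        // NOTE(review): every failure (bad signature, wrong audience, malformed input) is
        // reported as "expired", the original exception is discarded, and the error code
        // below looks unrelated to JWT validation; confirm the intended code.
        var fragment = new TextFragment()
        {
            Code = TextCodes.JWTExpire,
            DefaultFormatting = $"JWT字符串{redactedToken}已经过期,请重新登录!",
            ReplaceParameters = new List<object>() { redactedToken, HashEntityNames.CommonLog }
        };

        throw new UtilityException((int)Errors.EntityAttributeMetadataValueTypeNotMatchEntityAttributeValueKeyConvertService, fragment);
    }
}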
/// <summary>
/// Validates a JWT against the cached signing keys and the accepted audiences and
/// returns the principal built from its claims.
/// </summary>
/// <param name="endpoint">Endpoint whose <c>Uri</c> is passed to <c>AdfsHelper.GetAdfsSigningKeys</c> when no keys are cached yet.</param>
/// <param name="token">Serialized JWT to validate.</param>
/// <param name="audiences">Audience values accepted for the token.</param>
/// <returns>The <see cref="ClaimsPrincipal"/> returned by the token handler.</returns>
/// <remarks>Exceptions thrown by the token handler are not caught here and reach the caller unchanged.</remarks>
public async Task<ClaimsPrincipal> ValidateJWT(AdfsEndpoint endpoint, string token, string[] audiences)
{
    // Load the signing keys on first use; later calls reuse the field.
    // NOTE(review): the field is not keyed by endpoint and is never refreshed in this method.
    if (_securityKey == null)
    {
        _securityKey = await AdfsHelper.GetAdfsSigningKeys(endpoint.Uri);
    }

    var tokenHandler = new JwtSecurityTokenHandler();
    var parameters = new TokenValidationParameters
    {
        // NOTE(review): with issuer validation off, the "iss" claim is not checked; only the
        // signature keys and the audience list constrain which tokens are accepted.
        // Disabled alternative kept from the original:
        //ValidIssuer = $"{endpoint.Uri}adfs/services/trust" ,
        //ValidIssuers = new[] { $"{endpoint.Uri}adfs/services/trust" },
        ValidateIssuer = false,
        ValidAudiences = audiences,
        IssuerSigningKeys = _securityKey
    };

    // The parsed token is required by the handler's signature but is not used afterwards.
    SecurityToken parsedToken;
    ClaimsPrincipal principal = tokenHandler.ValidateToken(token, parameters, out parsedToken);
    return principal;
}