public ClaimsPrincipal GetUserIdentity(NancyContext ctx)
{
try
{
var authorization = ctx.Request.Headers.Authorization;
if (string.IsNullOrWhiteSpace(authorization))
{
return(null);
}
if (!authorization.StartsWith(TokenPrefix, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
var jwtToken = authorization.Substring(TokenPrefix.Length);
var handler = new JwtSecurityTokenHandler {
SetDefaultTimesOnTokenCreation = false
};
var principal = handler.ValidateToken(
jwtToken,
new TokenValidationParameters
{
ValidateIssuer = false,
ValidateAudience = false,
ValidateIssuerSigningKey = true,
IssuerSigningKeys = new[]
{
new SymmetricSecurityKey(Convert.FromBase64String(_settings.AuthSecretKey)),
},
},
out _);
return(principal);
}
catch (Exception ex)
{
_monik.SecurityWarning($"Auth exception: {ex}");
return(null);
}
}