/// <summary>
/// Parses the provided OAuth JWT token or Authorization header with the option of skipping validations Documentation: https://github.com/CommunityHiQ/Frends.Community.OAuth/
/// </summary>
/// <param name="input">Parameters for the token parsing.</param>
/// <param name="options">Options to skip different validations in the token parsing. </param>
/// <returns>Object {ClaimsPrincipal ClaimsPrincipal, SecurityToken Token} </returns>
public static async Task <ParseResult> ParseToken([PropertyTab] ValidateInput input, [PropertyTab] ParseOptions options, CancellationToken cancellationToken)
{
var config = await GetConfiguration(input, cancellationToken).ConfigureAwait(false);
TokenValidationParameters validationParameters =
new TokenValidationParameters
{
ValidIssuer = input.Issuer,
ValidAudiences = new[] { input.Audience },
IssuerSigningKeys = config.SigningKeys,
ValidateLifetime = !options.SkipLifetimeValidation,
ValidateAudience = !options.SkipAudienceValidation,
ValidateIssuer = !options.SkipIssuerValidation
};
var handler = new JwtSecurityTokenHandler();
var user = handler.ValidateToken(input.GetToken(), validationParameters, out var validatedToken);
return(new ParseResult
{
ClaimsPrincipal = user,
Token = validatedToken,
});
}
