예제 #1
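        /// <summary>
        /// Checks an Azure AD (v2.0 endpoint) JWT and reports the outcome as a JSON object
        /// with a boolean <c>status</c> and a human-readable <c>msg</c>.
        /// </summary>
        /// <param name="token">The raw JWT to check.</param>
        /// <param name="tenantId">Tenant identifier used to build the OpenID Connect discovery URL.</param>
        /// <param name="clientId">Client (application) id passed to the signing-key lookup.</param>
        /// <returns>
        /// <c>status = true</c> only when the verify service accepts the token and its <c>exp</c>
        /// claim passes the expiration check; otherwise <c>status = false</c> with a failure message.
        /// </returns>
        /// <remarks>
        /// NOTE(review): <paramref name="tenantId"/> and <paramref name="clientId"/> are supplied by the
        /// caller, so the token is checked against whichever tenant and client the caller names.
        /// If only specific tenants or applications should be trusted, compare both against
        /// server-side configuration before calling this method. Confirm against the callers.
        /// </remarks>
        public JsonResult CheckAADJWT(string token, string tenantId, string clientId)
        {
            // Reject missing input up front instead of handing null/blank values to the verify service.
            if (string.IsNullOrWhiteSpace(token) ||
                string.IsNullOrWhiteSpace(tenantId) ||
                string.IsNullOrWhiteSpace(clientId))
            {
                return new JsonResult(new { status = false, msg = "Token validation failed." });
            }

            // tenantId becomes a path segment of the discovery URL; escaping it keeps characters such
            // as '/', '?' or '#' from changing which document is fetched. GUIDs and domain-style
            // tenant names contain only unreserved characters and pass through unchanged.
            var tenantSegment        = System.Uri.EscapeDataString(tenantId);
            var stsDiscoveryEndpoint = $"https://login.microsoftonline.com/{tenantSegment}/v2.0/.well-known/openid-configuration";
            var signingKeys          = _verifyService.GetSigningKeys(stsDiscoveryEndpoint, token, tenantId, clientId);

            if (signingKeys == null)
            {
                // No keys came back from the lookup; the message tells the caller to retry.
                return new JsonResult(new { status = false, msg = "Token validation failed. You can try it later." });
            }

            // NOTE(review): the meaning of the trailing `false` argument is not visible here;
            // confirm it does not switch off a check (issuer, audience, lifetime) that should stay on.
            var tokenAccepted = _verifyService.ValidateAADJWT(token, tenantId, stsDiscoveryEndpoint, signingKeys, false);

            if (!tokenAccepted)
            {
                return new JsonResult(new { status = false, msg = "Token validation failed." });
            }

            // The exp claim is read only after the token was accepted above.
            // NOTE(review): the second argument (0) is presumably an allowed clock skew; verify.
            var expClaim = _verifyService.GetClaim(token, "exp");
            if (!_verifyService.ValidateJWTExpirationTime(expClaim, 0))
            {
                // token is expired
                return new JsonResult(new { status = false, msg = "Token is expired." });
            }

            // token is valid and not expired
            return new JsonResult(new { status = true, msg = "Token is valid." });
        }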