/// <summary>Configure the <see cref="TokenValidationPolicy"/> based on the <paramref name="metadataUri"/> /// as defined by https://tools.ietf.org/html/rfc8414 and https://openid.net/specs/openid-connect-discovery-1_0.html.</summary> public TokenValidationPolicyBuilder RequireMetadataConfiguration(string metadataUri, SignatureAlgorithm defaultAlgorithm, HttpMessageHandler?handler = null) { if (!Uri.IsWellFormedUriString(metadataUri, UriKind.Absolute)) { throw new InvalidOperationException($"'{metadataUri}' is not a valid URL."); } var keyProvider = new JwksHttpKeyProvider(metadataUri, handler); return(RequireSignatureByDefault(keyProvider.Issuer !, keyProvider, defaultAlgorithm)); }
/// <summary>Configure the <see cref="TokenValidationPolicy"/> based on the <paramref name="metadataUri"/> /// as defined by https://tools.ietf.org/html/rfc8414 and https://openid.net/specs/openid-connect-discovery-1_0.html.</summary> public TokenValidationPolicyBuilder RequireMetadataConfiguration(string metadataUri, SignatureAlgorithm algorithm, HttpMessageHandler?handler = null, long minimumRefreshInterval = CachedKeyProvider.DefaultMinimumRefreshInterval, long automaticRefreshInterval = CachedKeyProvider.DefaultAutomaticRefreshInterval, bool validateIssuer = true) { if (!Uri.IsWellFormedUriString(metadataUri, UriKind.Absolute)) { throw new InvalidOperationException($"'{metadataUri}' is not a valid URL."); } var keyProvider = new JwksHttpKeyProvider(metadataUri, handler, minimumRefreshInterval, automaticRefreshInterval, validateIssuer); return(RequireSignature(keyProvider.Issuer, keyProvider, algorithm)); }