/// <summary>
/// Validates a JWT locally using the issuer and signing keys supplied by <paramref name="uriManager"/>
/// and the validation switches exposed by <paramref name="options"/>.
/// </summary>
/// <param name="jwt">The serialized token to validate.</param>
/// <param name="options">Keycloak settings; several of them turn individual checks off.</param>
/// <param name="uriManager">Source of the expected issuer and the JSON web keys used for signature checks.</param>
/// <param name="isRefreshToken">
/// When true, the refresh-token specific relaxations in <paramref name="options"/> are honoured.
/// </param>
/// <returns>The token produced by the underlying validation (or by a plain read, see remarks).</returns>
/// <remarks>
/// Lifetime validation and the presence of an expiration time are always required here. Issuer,
/// audience and signing-key validation, as well as the requirement that tokens be signed, are each
/// controlled by an opt-out flag on <paramref name="options"/>. Every flag that is set removes a
/// check, so deployments should leave them at their defaults unless there is a documented reason.
/// </remarks>
public SecurityToken ValidateToken(string jwt, IKeycloakParameters options, OidcDataManager uriManager, bool isRefreshToken = false)
{
    // The initializer order is kept as-is so that option and metadata lookups happen in the same sequence.
    var validationParameters = new TokenValidationParameters
    {
        ValidateLifetime = true,
        RequireExpirationTime = true,
        ValidateIssuer = !options.DisableIssuerValidation,
        ValidateAudience = !options.DisableAudienceValidation,
        ValidateIssuerSigningKey = !options.DisableTokenSignatureValidation,
        RequireSignedTokens = !options.AllowUnsignedTokens,
        ValidIssuer = uriManager.GetIssuer(),
        ClockSkew = options.TokenClockSkew,
        // NOTE(review): the literal string "null" is accepted as an audience alongside the client id.
        // Any token whose audience is that literal passes the audience check, so it is not bound to
        // this client. Confirm this is still required before relying on audience validation.
        ValidAudiences = new List<string> { "null", options.ClientId },
        IssuerSigningKeys = uriManager.GetJsonWebKeys().GetSigningKeys(),
        AuthenticationType = options.AuthenticationType // Not used
    };

    // Refresh tokens may be exempted from validation entirely. In that case the token is only read;
    // ReadJwtToken is not shown here, but presumably it parses without verifying anything, so the
    // returned claims must be treated as unverified input.
    if (isRefreshToken && options.DisableAllRefreshTokenValidation)
    {
        return ReadJwtToken(jwt);
    }

    // Alternatively only the signature check is skipped for refresh tokens; the remaining parameters
    // above are still handed to the validating overload.
    bool skipSignatureCheck = isRefreshToken && options.DisableRefreshTokenSignatureValidation;
    return ValidateToken(jwt, validationParameters, skipSignatureCheck);
}
/// <summary>
/// Builds a new <see cref="OidcDataManager"/> for the given options and stores it in the shared cache
/// under a key derived from the authentication type.
/// </summary>
/// <param name="options">Keycloak settings used to construct the context and to form the cache key.</param>
/// <param name="preload">
/// When true, <c>ValidateCachedContextAsync</c> is awaited on the new context before it is returned.
/// </param>
/// <returns>The newly created context.</returns>
/// <remarks>
/// The context is written to the cache before the optional preload is awaited, so other readers of
/// the cache can observe the entry while the preload is still in flight (or after it has failed).
/// </remarks>
public static async Task<OidcDataManager> CreateCachedContext(IKeycloakParameters options, bool preload = true)
{
    var context = new OidcDataManager(options);

    // The key is the authentication type plus a fixed postfix; assigning through the indexer
    // replaces whatever was previously stored under that key.
    var cacheKey = options.AuthenticationType + CachedContextPostfix;
    OidcManagerCache[cacheKey] = context;

    if (!preload)
    {
        return context;
    }

    await context.ValidateCachedContextAsync();
    return context;
}
/// <summary>
/// Non-throwing wrapper around <c>ValidateToken</c>: reports success or failure as a boolean.
/// </summary>
/// <param name="jwt">The serialized token to validate.</param>
/// <param name="options">Keycloak settings forwarded to the validating call.</param>
/// <param name="uriManager">OIDC metadata context forwarded to the validating call.</param>
/// <param name="rToken">Receives the validated token on success, otherwise <c>null</c>.</param>
/// <param name="isRefreshToken">Forwarded unchanged to the validating call.</param>
/// <returns><c>true</c> when validation completed without throwing; otherwise <c>false</c>.</returns>
/// <remarks>
/// Every exception type is mapped to <c>false</c> and nothing is logged here, so a rejected token is
/// indistinguishable from any other failure raised during validation. Callers that need to tell
/// these apart, or to record rejections for monitoring, should call the throwing overload instead.
/// </remarks>
public bool TryValidateToken(string jwt, IKeycloakParameters options, OidcDataManager uriManager, out SecurityToken rToken, bool isRefreshToken = false)
{
    // Start from the failure value; it is only overwritten when validation returns normally.
    rToken = null;

    try
    {
        rToken = ValidateToken(jwt, options, uriManager, isRefreshToken);
    }
    catch (Exception)
    {
        return false;
    }

    return true;
}
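/// <summary>
/// Asks the token validation endpoint exposed by <paramref name="uriManager"/> whether the given
/// token is acceptable, and returns the parsed token when the endpoint answers with a success status.
/// </summary>
/// <param name="jwt">The serialized token to check. This should really only be used on access tokens.</param>
/// <param name="uriManager">OIDC metadata context providing the validation endpoint.</param>
/// <returns>A <see cref="JwtSecurityToken"/> built from <paramref name="jwt"/>.</returns>
/// <exception cref="SecurityTokenValidationException">
/// The request failed, the endpoint returned a non-success status, or the token could not be parsed.
/// The original failure is attached as the inner exception.
/// </exception>
/// <remarks>
/// Only the HTTP status of the response is inspected. The returned token is parsed locally from the
/// input string and no signature check happens in this method, so the result is exactly as
/// trustworthy as the endpoint and the channel used to reach it.
/// The token travels in the query string, where it can end up in server, proxy and client logs;
/// treat those logs as containing credentials.
/// </remarks>
public static async Task<SecurityToken> ValidateTokenRemote(string jwt, OidcDataManager uriManager)
{
    // The token is caller-supplied text. Escaping it keeps characters such as '&' or '#' from
    // altering the query string; a well-formed compact JWT contains no characters that need escaping.
    // A null token is sent as an empty value, as before.
    var encodedToken = Uri.EscapeDataString(jwt ?? string.Empty);
    var uri = new Uri(uriManager.TokenValidationEndpoint, "?access_token=" + encodedToken);

    try
    {
        // Both the client and the response hold network resources and are released deterministically.
        // NOTE(review): a client per call is kept for interface stability; a shared instance would
        // avoid repeated connection setup if this path becomes hot.
        using (var client = new HttpClient())
        using (var response = await client.GetAsync(uri))
        {
            if (!response.IsSuccessStatusCode)
            {
                throw new HttpRequestException("Token validation endpoint returned HTTP " + (int)response.StatusCode);
            }

            return new JwtSecurityToken(jwt); // TODO: Get this from returned JSON
        }
    }
    catch (Exception ex)
    {
        // Same exception type and message as before; the cause is preserved for diagnostics.
        throw new SecurityTokenValidationException("Remote Token Validation Failed", ex);
    }
}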
/// <summary>
/// Resolves the cached OIDC context for <paramref name="options"/> and then validates the token
/// locally against it.
/// </summary>
/// <param name="jwt">The serialized token to validate.</param>
/// <param name="options">Keycloak settings used both to find the context and to configure validation.</param>
/// <param name="isRefreshToken">Forwarded unchanged to the validating call.</param>
/// <returns>The token returned by the synchronous <c>ValidateToken</c> overload.</returns>
/// <remarks>
/// Only the context lookup is awaited; the validation itself runs synchronously once the context
/// is available.
/// </remarks>
public async Task<SecurityToken> ValidateTokenAsync(string jwt, IKeycloakParameters options, bool isRefreshToken = false)
{
    OidcDataManager oidcContext = await OidcDataManager.GetCachedContextAsync(options);
    SecurityToken validated = ValidateToken(jwt, options, oidcContext, isRefreshToken);
    return validated;
}
/// <summary>
/// Convenience overload: resolves the cached OIDC context for <paramref name="options"/> and
/// delegates to the overload that takes an <see cref="OidcDataManager"/>.
/// </summary>
/// <param name="jwt">The serialized token to check remotely.</param>
/// <param name="options">Keycloak settings used to look up the cached context.</param>
/// <returns>The token returned by the delegated remote validation.</returns>
public static async Task<SecurityToken> ValidateTokenRemote(string jwt, IKeycloakParameters options)
{
    OidcDataManager oidcContext = await OidcDataManager.GetCachedContextAsync(options);
    SecurityToken remoteResult = await ValidateTokenRemote(jwt, oidcContext);
    return remoteResult;
}