public static async Task <OidcDataManager> CreateCachedContext(IKeycloakParameters options, bool preload = true) { var newContext = new OidcDataManager(options); OidcManagerCache[options.AuthenticationType + CachedContextPostfix] = newContext; if (preload) { await newContext.ValidateCachedContextAsync(); } return(newContext); }
public bool TryValidateToken(string jwt, IKeycloakParameters options, OidcDataManager uriManager, out SecurityToken rToken) { try { rToken = ValidateToken(jwt, options, uriManager); return true; } catch (Exception) { rToken = null; return false; } }
public bool TryValidateToken(string jwt, IKeycloakParameters options, OidcDataManager uriManager, out SecurityToken rToken) { try { rToken = ValidateToken(jwt, options, uriManager); return(true); } catch (Exception) { rToken = null; return(false); } }
private static async Task <OidcDataManager> CreateCachedContext(IOwinContext context, IKeycloakParameters options, bool preload = true) { var newContext = new OidcDataManager(context, options); var realmPrefix = GetRealmPrefix(context); OidcManagerCache[realmPrefix + options.AuthenticationType + CachedContextPostfix] = newContext; if (preload) { await newContext.ValidateCachedContextAsync(); } return(newContext); }
public static async Task<SecurityToken> ValidateTokenRemote(string jwt, OidcDataManager uriManager) { // This should really only be used on access tokens... var uri = new Uri(uriManager.TokenValidationEndpoint, "?access_token=" + jwt); try { var client = new HttpClient(); var response = await client.GetAsync(uri); if (!response.IsSuccessStatusCode) throw new Exception(); return new JwtSecurityToken(jwt); // TODO: Get this from returned JSON } catch (Exception) { throw new SecurityTokenValidationException("Remote Token Validation Failed"); } }
public SecurityToken ValidateToken(string jwt, IKeycloakParameters options, OidcDataManager uriManager) { var tokenValidationParameters = new TokenValidationParameters { ValidateLifetime = true, RequireExpirationTime = true, ValidateIssuer = !options.DisableIssuerValidation, ValidateAudience = !options.DisableAudienceValidation, ValidateIssuerSigningKey = !options.DisableTokenSignatureValidation, RequireSignedTokens = !options.AllowUnsignedTokens, ValidIssuer = uriManager.GetIssuer(), ClockSkew = options.TokenClockSkew, ValidAudiences = new List<string> {"null", options.ClientId}, IssuerSigningTokens = uriManager.GetJsonWebKeys().GetSigningTokens(), AuthenticationType = options.AuthenticationType // Not used }; return ValidateToken(jwt, tokenValidationParameters); }
public SecurityToken ValidateToken(string jwt, IKeycloakParameters options, OidcDataManager uriManager) { var tokenValidationParameters = new TokenValidationParameters { ValidateLifetime = true, RequireExpirationTime = true, ValidateIssuer = !options.DisableIssuerValidation, ValidateAudience = !options.DisableAudienceValidation, ValidateIssuerSigningKey = !options.DisableTokenSignatureValidation, RequireSignedTokens = !options.AllowUnsignedTokens, ValidIssuer = uriManager.GetIssuer(), ClockSkew = options.TokenClockSkew, ValidAudiences = new List <string> { "null", options.ClientId }, IssuerSigningKeys = uriManager.GetJsonWebKeys().GetSigningKeys(), }; return(ValidateToken(jwt, tokenValidationParameters)); }
public static async Task <SecurityToken> ValidateTokenRemote(string jwt, OidcDataManager uriManager) { // This should really only be used on access tokens... var uri = new Uri(uriManager.TokenValidationEndpoint, "?access_token=" + jwt); try { var client = new HttpClient(); var response = await client.GetAsync(uri); if (!response.IsSuccessStatusCode) { throw new Exception(); } return(new JwtSecurityToken(jwt)); // TODO: Get this from returned JSON } catch (Exception) { throw new SecurityTokenValidationException("Remote Token Validation Failed"); } }
public static async Task<OidcDataManager> CreateCachedContext(IKeycloakParameters options, bool preload = true) { var newContext = new OidcDataManager(options); OidcManagerCache[options.AuthenticationType + CachedContextPostfix] = newContext; if (preload) await newContext.ValidateCachedContextAsync(); return newContext; }
public async Task <SecurityToken> ValidateTokenAsync(string jwt, IKeycloakParameters options) { var uriManager = await OidcDataManager.GetCachedContextAsync(options); return(ValidateToken(jwt, options, uriManager)); }
public static async Task <SecurityToken> ValidateTokenRemote(IOwinContext context, string jwt, IKeycloakParameters options) { var uriManager = await OidcDataManager.GetCachedContextAsync(context, options); return(await ValidateTokenRemote(jwt, uriManager)); }