/// <summary>
/// Validates the ID, refresh and access tokens held in <c>_keycloakToken</c> (each only when
/// present) and builds a <see cref="ClaimsIdentity"/> from the validated tokens.
/// </summary>
/// <param name="options">
/// Keycloak authentication options; passed to every validation call and consulted for
/// <c>UseRemoteTokenValidation</c> and <c>SignInAsAuthenticationType</c>.
/// </param>
/// <param name="authenticationType">
/// Authentication type for the resulting identity; when null,
/// <c>options.SignInAsAuthenticationType</c> is used instead.
/// </param>
/// <returns>The identity built from the claims produced by <c>GenerateJwtClaims</c>.</returns>
/// <remarks>
/// Only the access token can be validated remotely; the ID and refresh tokens always go through
/// <c>KeycloakTokenHandler.ValidateToken</c>.
/// NOTE(review): a token that is absent is passed to <c>GenerateJwtClaims</c> as null, and so is
/// a validated token that is not a <c>JwtSecurityToken</c> (the <c>as</c> cast yields null).
/// An identity is still constructed in that case, and a <see cref="ClaimsIdentity"/> with a
/// non-empty authentication type reports <c>IsAuthenticated == true</c>. Whether
/// <c>GenerateJwtClaims</c> rejects an all-null token set is not visible here - confirm.
/// </remarks>
public async Task<ClaimsIdentity> ValidateIdentity(KeycloakAuthenticationOptions options, string authenticationType = null)
{
    var handler = new KeycloakTokenHandler();

    // ID token first, then refresh token: both use the handler's own validation.
    SecurityToken validatedId = _keycloakToken.IdToken != null
        ? handler.ValidateToken(_keycloakToken.IdToken, options)
        : null;

    SecurityToken validatedRefresh = _keycloakToken.RefreshToken != null
        ? handler.ValidateToken(_keycloakToken.RefreshToken, options)
        : null;

    // The access token is the only one that may be validated remotely.
    SecurityToken validatedAccess = null;
    if (_keycloakToken.AccessToken != null)
    {
        if (options.UseRemoteTokenValidation)
        {
            validatedAccess = await KeycloakTokenHandler.ValidateTokenRemote(_keycloakToken.AccessToken, options);
        }
        else
        {
            validatedAccess = handler.ValidateToken(_keycloakToken.AccessToken, options);
        }
    }

    // TODO: Convert to MS claims parsing in token handler
    // Each cast yields null for a missing token or one that is not a JWT.
    var jwtClaims = GenerateJwtClaims(
        validatedAccess as JwtSecurityToken,
        validatedId as JwtSecurityToken,
        validatedRefresh as JwtSecurityToken,
        options);

    return new ClaimsIdentity(jwtClaims, authenticationType ?? options.SignInAsAuthenticationType);
}
/// <summary>
/// Runs validation over each token present in <c>_keycloakToken</c> and returns a
/// <see cref="ClaimsIdentity"/> carrying the claims generated from the validated tokens.
/// </summary>
/// <param name="options">
/// Keycloak authentication options handed to each validation call; also supplies
/// <c>UseRemoteTokenValidation</c> and the fallback <c>SignInAsAuthenticationType</c>.
/// </param>
/// <param name="authenticationType">
/// Authentication type to stamp on the identity, or null to fall back to
/// <c>options.SignInAsAuthenticationType</c>.
/// </param>
/// <returns>A new identity built from the output of <c>GenerateJwtClaims</c>.</returns>
/// <remarks>
/// Remote validation, when enabled, covers the access token only; ID and refresh tokens are
/// validated through <c>KeycloakTokenHandler.ValidateToken</c>.
/// NOTE(review): tokens that are missing, or that validate to something other than a
/// <c>JwtSecurityToken</c>, reach <c>GenerateJwtClaims</c> as null. The identity is created
/// regardless, and a non-empty authentication type makes it report as authenticated, so verify
/// that <c>GenerateJwtClaims</c> or the caller refuses an empty token set.
/// </remarks>
public async Task<ClaimsIdentity> ValidateIdentity(KeycloakAuthenticationOptions options, string authenticationType = null)
{
    SecurityToken idJwt = null;
    SecurityToken refreshJwt = null;
    SecurityToken accessJwt = null;
    var validator = new KeycloakTokenHandler();

    if (_keycloakToken.IdToken != null)
    {
        idJwt = validator.ValidateToken(_keycloakToken.IdToken, options);
    }

    if (_keycloakToken.RefreshToken != null)
    {
        refreshJwt = validator.ValidateToken(_keycloakToken.RefreshToken, options);
    }

    if (_keycloakToken.AccessToken != null)
    {
        if (!options.UseRemoteTokenValidation)
        {
            // Local validation path.
            accessJwt = validator.ValidateToken(_keycloakToken.AccessToken, options);
        }
        else
        {
            // Remote validation path, available for the access token only.
            accessJwt = await KeycloakTokenHandler.ValidateTokenRemote(_keycloakToken.AccessToken, options);
        }
    }

    // The "as" casts turn a missing or non-JWT token into null for GenerateJwtClaims.
    JwtSecurityToken accessAsJwt = accessJwt as JwtSecurityToken;
    JwtSecurityToken idAsJwt = idJwt as JwtSecurityToken;
    JwtSecurityToken refreshAsJwt = refreshJwt as JwtSecurityToken;

    // TODO: Convert to MS claims parsing in token handler
    return new ClaimsIdentity(
        GenerateJwtClaims(accessAsJwt, idAsJwt, refreshAsJwt, options),
        authenticationType ?? options.SignInAsAuthenticationType);
}