Пример #1
0
        public ClaimsPrincipal GetPrincipal(string token, bool isValidateLifetime = true)
        {
            var tokenValidationParameters = JwtSettings.GetValidationParameters(isValidateLifetime);

            var tokenHandler     = new JwtSecurityTokenHandler();
            var clearToken       = token.Replace("Bearer ", string.Empty);
            var principal        = tokenHandler.ValidateToken(clearToken, tokenValidationParameters, out var securityToken);
            var jwtSecurityToken = securityToken as JwtSecurityToken;

            if (jwtSecurityToken == null || !jwtSecurityToken.Header.Alg.Equals(JwtSettings.EncodingSigningAlgorithm, StringComparison.InvariantCultureIgnoreCase) ||
                !jwtSecurityToken.Header.Enc.Equals(JwtSettings.EncodingEncryptingAlgorithm, StringComparison.InvariantCultureIgnoreCase))
            {
                return(null);
            }

            return(principal);
        }