internal static ClaimsPrincipal ValidateToken(TokenValidationParameters validationParams, string tokenString, string secretKey)
{
validationParams.IssuerSigningToken = new BinarySecretSecurityToken(HmacSigningCredentials.ParseKeyString(secretKey));
JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();
SecurityToken validatedToken = null;
return(tokenHandler.ValidateToken(tokenString, validationParams, out validatedToken));
}
/// <summary>
/// A helper that will throw if the tokenString cannot be parsed or the signature is invalid
/// </summary>
/// <param name="tokenString">The JWT token string</param>
/// <param name="secretKey">The key used to sign the token JWT token</param>
private static void ValidateToken(string tokenString)
{
JwtSecurityToken parsedToken = new JwtSecurityToken(tokenString);
TokenValidationParameters validationParams = new TokenValidationParameters
{
ValidateAudience = true,
ValidAudience = Audience,
ValidateIssuer = true,
ValidIssuer = Issuer,
ValidateLifetime = parsedToken.Payload.Exp.HasValue, // support tokens with no expiry
IssuerSigningToken = new BinarySecretSecurityToken(HmacSigningCredentials.ParseKeyString(SigningKey))
};
JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();
SecurityToken validatedToken = null;
tokenHandler.ValidateToken(tokenString, validationParams, out validatedToken);
}
