/// <summary>
/// Validates an API key presented as a token by looking it up through <c>_keyProvider</c>.
/// </summary>
/// <param name="securityToken">The token string to look up.</param>
/// <param name="validationParameters">
/// Not consulted by this method; acceptance depends only on whether the key lookup succeeds.
/// </param>
/// <param name="validatedToken">
/// Receives a <c>SecurityToken</c> wrapping the matched key, or <c>null</c> when no key matches.
/// </param>
/// <returns>
/// A principal with no identities when the key is not found; otherwise a principal whose
/// identity carries the token in the <c>AccessToken</c> claim and uses the JWT bearer scheme
/// name as its authentication type.
/// </returns>
public ClaimsPrincipal ValidateToken(string securityToken, TokenValidationParameters validationParameters, out IdentityModel.Tokens.SecurityToken validatedToken)
{
    ApiKey apiKey;

    try
    {
        apiKey = _keyProvider.FindKey(securityToken);
    }
    catch
    {
        // Fail closed: any lookup failure is treated exactly like an invalid or missing key.
        // NOTE(review): a provider fault is indistinguishable from a bad key here and is not
        // recorded anywhere in this method; confirm the provider logs its own failures.
        apiKey = null;
    }

    if (apiKey == null)
    {
        // No matching key: hand back an unauthenticated principal and no validated token.
        validatedToken = null;
        return new ClaimsPrincipal();
    }

    validatedToken = new SecurityToken(apiKey);

    // The token value itself is stored in the claim, so the secret travels with the principal.
    // NOTE(review): anything that logs or serializes this principal's claims would expose the
    // key; confirm the claims are never persisted or written to logs.
    var accessTokenClaim = new Claim(Core.Security.ClaimTypes.AccessToken, securityToken);
    var identity = new ClaimsIdentity(new[] { accessTokenClaim }, JwtBearerDefaults.AuthenticationScheme);

    return new ClaimsPrincipal(identity);
}
/// <summary>
/// Resolves the API key behind the current user by reading the <c>AccessToken</c> claim
/// and looking its value up through <c>_keyProvider</c>.
/// </summary>
/// <returns>
/// The result of the key lookup, or <c>null</c> when the current user is not a
/// <see cref="ClaimsPrincipal"/> or carries no <c>AccessToken</c> claim.
/// </returns>
private ApiKey GetCurrentApiKey()
{
    ClaimsPrincipal user = Context.User as ClaimsPrincipal;

    // First AccessToken claim wins; a missing principal yields no claim at all.
    Claim accessTokenClaim = user?.Claims.FirstOrDefault(c => c.Type == Core.Security.ClaimTypes.AccessToken);

    if (accessTokenClaim == null)
    {
        return null;
    }

    // The key is looked up again from the claim value on every call, unlike the swallowed
    // lookup in token validation: an exception from FindKey propagates to the caller here.
    return _keyProvider.FindKey(accessTokenClaim.Value);
}
/// <summary>
/// Returns the identifier of the API key associated with a request, using the
/// <c>AccessToken</c> claim on the request's user and the <c>IApiKeyProvider</c>
/// registered in the request's service container.
/// </summary>
/// <param name="context">The request context whose user and services are inspected.</param>
/// <returns>
/// The <c>Id</c> of the matching key, or <c>null</c> when the user is not a
/// <see cref="ClaimsPrincipal"/>, the claim is absent, no provider is registered,
/// or the lookup finds no key.
/// </returns>
private string GetRequestApiKeyId(HttpContext context)
{
    ClaimsPrincipal user = context.User as ClaimsPrincipal;
    if (user == null)
    {
        return null;
    }

    Claim accessTokenClaim = user.Claims.FirstOrDefault(c => c.Type == Core.Security.ClaimTypes.AccessToken);

    // The provider is resolved per request from the container rather than from a field.
    object service = context.RequestServices.GetService(typeof(IApiKeyProvider));
    IApiKeyProvider provider = (IApiKeyProvider)service;

    if (accessTokenClaim == null || provider == null)
    {
        return null;
    }

    ApiKey matchedKey = provider.FindKey(accessTokenClaim.Value);
    if (matchedKey == null)
    {
        return null;
    }

    // Only the key's identifier leaves this method, not the token value held in the claim.
    return matchedKey.Id;
}