public IEnumerable <SecurityKey> ResolveKey(
string token,
SecurityToken securityToken,
string kid,
TokenValidationParameters validationParameters)
{
if (!TokenIsValid(token, kid, securityToken))
{
return(null);
}
if (kid == jwtOpts.KeyId && securityToken.Issuer == jwtOpts.Issuer)
{
return(new SecurityKey[] { new X509SecurityKey(new X509Certificate2(jwtOpts.Certificate)) });
}
log.LogInformation("Token", token);
log.LogInformation("Security token", securityToken.Issuer);
log.LogInformation("Kid", kid);
log.LogInformation("Interrogators", cache.Interrogators().Select(i => $"{i.Name}, {i.Issuer}, {i.KeyId}"));
var ne = cache.GetInterrogatorOrDefault(securityToken.Issuer);
log.LogInformation("Interrogator", ne);
if (ne.KeyId == kid)
{
return(new SecurityKey[] { new X509SecurityKey(new X509Certificate2(ne.Certificate)) });
}
refresh.TryEnqueue(ne);
return(null);
}
public IEnumerable <SecurityKey> ResolveKey(
string token,
SecurityToken securityToken,
string kid,
TokenValidationParameters validationParameters)
{
if (!TokenIsValid(token, kid, securityToken))
{
return(null);
}
if (kid == jwtOpts.KeyId && securityToken.Issuer == jwtOpts.Issuer)
{
return(new SecurityKey[] { new X509SecurityKey(new X509Certificate2(jwtOpts.Certificate)) });
}
var ne = cache.GetInterrogatorOrDefault(securityToken.Issuer);
if (ne.KeyId == kid)
{
return(new SecurityKey[] { new X509SecurityKey(new X509Certificate2(ne.Certificate)) });
}
refresh.TryEnqueue(ne);
return(null);
}