protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
string authHeader = request.Headers.GetValues("Authorization").First();
string header = "OAuth ";
string token = string.Empty;
if (string.CompareOrdinal(authHeader, 0, header, 0, header.Length) == 0)
{
token = authHeader.Remove(0, header.Length);
}
else
{
throw new HttpException((int)System.Net.HttpStatusCode.Unauthorized, "The authorization header was invalid");
}
var validator = new SimpleWebTokenValidator
{
SharedKeyBase64 = "yourtokensigningkey"
};
var swt = validator.ValidateToken(token);
return(base.SendAsync(request, cancellationToken));
}
public TokenData Get(IpData data)
{
// Validate security token
var validator = new SimpleWebTokenValidator
{
SharedKeyBase64 = "ZY+lm6+MQeWVSeMdV+apXAaaIGNTZT7ztfBskldOMn0="
};
Dictionary <string, string> claims;
try
{
claims = validator.ValidateToken(data.Token).Claims;
}
catch (HttpException e)
{
throw new BadRequestException(e);
}
catch (InvalidSecurityTokenException e)
{
throw new BadRequestException(e);
}
// Get values
string identityProvider = claims.Single(p => p.Key == CommonClaims.AcsIdentityProvider).Value;
return(new TokenData
{
UserIdentifier = claims.Single(p => p.Key == CommonClaims.NameIdentifier).Value,
Name = claims.SingleOrDefault(p => p.Key == CommonClaims.Name).Value,
Email = claims.SingleOrDefault(p => p.Key == CommonClaims.Email).Value,
IdentityProvider = IdentityTypeParser.ParseProviderType(identityProvider),
Token = GetToken(claims),
TokenSecret = GetTokenSecret(claims)
});
}