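/// <summary>
/// OWIN startup entry point: wires bearer-token authentication that validates
/// incoming JWT access tokens against the tenant configured in app settings.
/// </summary>
/// <param name="app">The OWIN application builder the bearer middleware is added to.</param>
/// <exception cref="System.InvalidOperationException">
/// Thrown when the <c>okta:ClientId</c> or <c>okta:TenantUrl</c> app setting is missing or blank.
/// </exception>
public void Configuration(IAppBuilder app)
{
    // NOTE(review): config is created and tracing is enabled, but it is not
    // passed to app anywhere in this method - confirm it is registered elsewhere.
    var config = new HttpConfiguration();
    config.EnableSystemDiagnosticsTracing();

    var clientID = WebConfigurationManager.AppSettings["okta:ClientId"];
    var tenantUrl = WebConfigurationManager.AppSettings["okta:TenantUrl"];

    // Fail at startup rather than run with a validator built from null values:
    // a missing tenant URL would otherwise yield a null issuer/audience and a
    // metadata address of just "/.well-known/openid-configuration".
    if (string.IsNullOrWhiteSpace(tenantUrl))
    {
        throw new System.InvalidOperationException("App setting 'okta:TenantUrl' is missing or empty.");
    }

    if (string.IsNullOrWhiteSpace(clientID))
    {
        throw new System.InvalidOperationException("App setting 'okta:ClientId' is missing or empty.");
    }

    // Issuer and audience are both pinned to the tenant URL and both checks are on.
    // NOTE(review): audience equal to issuer is deployment-specific - confirm it
    // matches the audience the authorization server actually puts in access tokens.
    var tvps = new TokenValidationParameters
    {
        ValidAudience = tenantUrl,
        ValidateAudience = true,
        ValidIssuer = tenantUrl,
        ValidateIssuer = true,
    };

    // Extra claim the token must carry: the client ID claim must equal ours.
    var requiredClaims = new Dictionary<string, string>()
    {
        // Validate Client ID claim
        ["cid"] = clientID
    };

    // NOTE(review): the provider presumably pulls issuer metadata and signing
    // keys from this address, so the tenant URL should be an https URL; that is
    // not enforced here.
    var securityTokenProvider = new OpenIdConnectCachingSecurityTokenProvider(
        tenantUrl + "/.well-known/openid-configuration");

    var jwtFormat = new CustomValidatingJwtFormat(tvps, requiredClaims, securityTokenProvider);

    app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
    {
        AccessTokenFormat = jwtFormat
    });
}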
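/// <summary>
/// Creates a JWT format that applies the given token validation parameters and,
/// in addition, a set of claim name/value pairs supplied by the caller.
/// </summary>
/// <param name="tvps">Token validation parameters, also forwarded to the base class.</param>
/// <param name="additionalTokenValidationParamters">
/// Claim names mapped to their required values (for example <c>cid</c>).
/// When null, an empty map is stored instead.
/// </param>
/// <param name="securityTokenProvider">Token provider, also forwarded to the base class.</param>
public CustomValidatingJwtFormat(
    TokenValidationParameters tvps,
    IReadOnlyDictionary<string, string> additionalTokenValidationParamters,
    OpenIdConnectCachingSecurityTokenProvider securityTokenProvider)
    : base(tvps, securityTokenProvider)
{
    _tvps = tvps;

    // The earlier null guard tested the field before it was assigned and was
    // then overwritten by the argument, so a null argument left the field null.
    // Default the argument itself instead.
    // NOTE(review): with an empty map presumably no extra claim checks run -
    // callers that rely on the cid check must always pass it in.
    _additionalTokenValidationParamters =
        additionalTokenValidationParamters ?? new Dictionary<string, string>();

    _securityTokenProvider = securityTokenProvider;
}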