/// <summary>
/// Validates a serialized JWT and returns the principal produced by
/// <c>AuthenticationTokenManager.ValidateJwtToken</c>.
/// </summary>
/// <param name="tokenString">The serialized JWT to validate.</param>
/// <returns>The principal returned by the validator.</returns>
/// <remarks>
/// Nothing is caught here, so any exception raised by the validator propagates
/// to the caller. Callers should treat the identity as authenticated only when
/// this method returns normally.
/// NOTE(review): whether the validator can return null instead of throwing is
/// not visible from this method; confirm before dereferencing the result.
/// </remarks>
public static IPrincipal GetPrincipal(string tokenString)
{
    // The parsed token is a mandatory out argument of the validator; it is not used here.
    JwtSecurityToken discardedJwt;
    return AuthenticationTokenManager.ValidateJwtToken(tokenString, out discardedJwt);
}
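/// <summary>
/// Authenticates a request from its JWT before passing it down the handler
/// pipeline. On success the validated principal is attached to the request
/// context; on failure the pipeline is short-circuited with an error status.
/// </summary>
/// <param name="request">The incoming HTTP request.</param>
/// <param name="cancellationToken">Token forwarded to the inner handler.</param>
/// <returns>
/// The inner handler's response when there is no Authorization header or the
/// token validates; otherwise a bare 401 (token missing, expired or invalid)
/// or 500 (any other failure) response.
/// </returns>
/// <remarks>
/// This handler only authenticates. A request without an Authorization header
/// is forwarded with no principal set by this handler, so access control has
/// to be enforced further down the pipeline.
/// NOTE(review): confirm every protected endpoint rejects unauthenticated
/// requests (for example through an authorization filter).
/// </remarks>
protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
    HttpStatusCode statusCode;
    string token;

    // No credentials presented: pass the request through unauthenticated.
    var authHeader = request.Headers.Authorization;
    if (authHeader == null)
    {
        return base.SendAsync(request, cancellationToken);
    }

    // A header is present but no token could be extracted from it: reject.
    if (!TryRetrieveToken(request, out token))
    {
        // Task.FromResult returns an already-completed task; there is no reason
        // to schedule a thread-pool work item just to construct a response.
        return Task.FromResult(new HttpResponseMessage(HttpStatusCode.Unauthorized));
    }

    try
    {
        JwtSecurityToken parsedJwt = null;
        IPrincipal principal = AuthenticationTokenManager.ValidateJwtToken(token, out parsedJwt);

        // this works for both self hosted using owin and IIS hosted
        request.GetRequestContext().Principal = principal;

        // Only exceptions thrown synchronously by this call are handled by the
        // catch clauses below; the returned task is not awaited here.
        return base.SendAsync(request, cancellationToken);
    }
    catch (SecurityTokenExpiredException)
    {
        statusCode = HttpStatusCode.Unauthorized;
    }
    catch (SecurityTokenValidationException)
    {
        statusCode = HttpStatusCode.Unauthorized;
    }
    catch (Exception)
    {
        // Fail closed: an unexpected error never lets the request through.
        // NOTE(review): the exception is dropped without being recorded; consider
        // logging it server-side so validation faults are visible to operators.
        statusCode = HttpStatusCode.InternalServerError;
    }

    return Task.FromResult(new HttpResponseMessage(statusCode));
}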
/// <summary>
/// Forwards the given token to <c>AuthenticationTokenManager.InvalidateJwtToken</c>.
/// </summary>
/// <param name="jwtToken">The serialized JWT to invalidate.</param>
/// <remarks>
/// NOTE(review): how invalidation is recorded, and whether
/// <c>ValidateJwtToken</c> consults that record on later requests, is not
/// visible here; confirm that an invalidated token is rejected until it expires.
/// </remarks>
public static void InvalidateJwtToken(string jwtToken)
{
    // Pure delegation: the token is passed through unchanged.
    AuthenticationTokenManager.InvalidateJwtToken(jwtToken);
}