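/// <summary>
/// Validates a compact-serialized JWT against the issuer signing keys obtained from
/// <c>OpenIdConfiguration</c> and maps its claims onto a <c>TryWebsitesPrincipal</c>.
/// </summary>
/// <param name="jwt">The raw JWT string presented by the caller; treated as untrusted input.</param>
/// <returns>
/// The authenticated principal, or <c>null</c> when the token is not a readable JWT or fails
/// signature/audience/lifetime validation.
/// </returns>
private IPrincipal ValidateJWT(string jwt)
{
    // NOTE(review): X509CertificateValidator.None disables certificate-chain checks on the
    // signing certificate. That is only acceptable because the trusted keys are supplied
    // explicitly via IssuerSigningTokens below rather than taken from the token — confirm.
    var handler = new JwtSecurityTokenHandler { CertificateValidator = X509CertificateValidator.None };
    if (!handler.CanReadToken(jwt))
    {
        return null;
    }

    var parameters = new TokenValidationParameters
    {
        // Do not set ValidateAudience = false here: doing so makes ValidAudience a no-op and
        // accepts tokens that were minted for any other application by the same issuer.
        ValidAudience = GetValidAudiance(),
        // Issuer is not pinned in the validation parameters; the signing keys are looked up
        // per token and the issuer name is derived afterwards from the identifier claims.
        ValidateIssuer = false,
        IssuerSigningTokens = OpenIdConfiguration.GetIssuerSigningKeys(jwt)
    };

    try
    {
        var user = handler.ValidateToken(jwt, parameters);

        // First value of the given claim type, or null when the token carries none.
        Func<string, string> firstClaim = type =>
            user.Claims.Where(c => c.Type == type).Select(c => c.Value).FirstOrDefault();

        var upnClaim = firstClaim(upnClaimType);
        var emailClaim = firstClaim(emailClaimType);
        var puidClaim = firstClaim(puidClaimType);
        var altSecId = firstClaim(altSecIdClaimType);

        // Prefer the AltSecId as the stable account identifier, falling back to the PUID;
        // the same value is used to derive the issuer name.
        var accountId = altSecId ?? puidClaim;
        var displayName = upnClaim ?? emailClaim ?? user.Identity.Name;
        var identity = new TryWebsitesIdentity(displayName, accountId, GetIssuerName(accountId));
        return new TryWebsitesPrincipal(identity);
    }
    catch (Exception e)
    {
        // Validation or claim extraction failed: treat the caller as unauthenticated.
        // NOTE(review): this writes the raw bearer token to the trace; a token that is
        // still within its lifetime is replayable from the log — consider logging a
        // hash or only the token's length instead.
        SimpleTrace.Diagnostics.Error(e, "Error reading claims {jwt}", jwt);
    }

    return null;
}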
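/// <summary>
/// Validates a compact-serialized JWT against the issuer signing keys obtained from
/// <c>OpenIdConfiguration</c> and maps its claims onto a <c>TryWebsitesPrincipal</c>.
/// </summary>
/// <param name="jwt">The raw JWT string presented by the caller; treated as untrusted input.</param>
/// <returns>
/// The authenticated principal, or <c>null</c> when the token is not a readable JWT or fails
/// signature/audience/lifetime validation.
/// </returns>
private IPrincipal ValidateJWT(string jwt)
{
    // NOTE(review): X509CertificateValidator.None disables certificate-chain checks on the
    // signing certificate. That is only acceptable because the trusted keys are supplied
    // explicitly via IssuerSigningTokens below rather than taken from the token — confirm.
    var handler = new JwtSecurityTokenHandler { CertificateValidator = X509CertificateValidator.None };
    if (!handler.CanReadToken(jwt))
    {
        return null;
    }

    var parameters = new TokenValidationParameters
    {
        // Audience validation stays enabled (the default); do not add ValidateAudience = false,
        // which would make ValidAudience a no-op.
        ValidAudience = GetValidAudiance(),
        // Issuer is not pinned in the validation parameters; the signing keys are looked up
        // per token and the issuer name is derived afterwards from the identifier claims.
        ValidateIssuer = false,
        IssuerSigningTokens = OpenIdConfiguration.GetIssuerSigningKeys(jwt)
    };

    try
    {
        var user = handler.ValidateToken(jwt, parameters);

        // First value of the given claim type, or null when the token carries none.
        Func<string, string> firstClaim = type =>
            user.Claims.Where(c => c.Type == type).Select(c => c.Value).FirstOrDefault();

        var upnClaim = firstClaim(upnClaimType);
        var emailClaim = firstClaim(emailClaimType);
        var puidClaim = firstClaim(puidClaimType);
        var altSecId = firstClaim(altSecIdClaimType);

        // Prefer the AltSecId as the stable account identifier, falling back to the PUID;
        // the same value is used to derive the issuer name.
        var accountId = altSecId ?? puidClaim;
        var displayName = upnClaim ?? emailClaim ?? user.Identity.Name;
        var identity = new TryWebsitesIdentity(displayName, accountId, GetIssuerName(accountId));
        return new TryWebsitesPrincipal(identity);
    }
    catch (Exception e)
    {
        // Validation or claim extraction failed: treat the caller as unauthenticated.
        // NOTE(review): this writes the raw bearer token to the trace; a token that is
        // still within its lifetime is replayable from the log — consider logging a
        // hash or only the token's length instead.
        SimpleTrace.Diagnostics.Error(e, "Error reading claims {jwt}", jwt);
    }

    return null;
}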