VisualBean
2/1/2016 - 8:59 PM

JsonWebAuthorizationTokenProvider.cs

public ClaimsPrincipal ValidateToken(string jwToken)
{
    ClaimsPrincipal principal;
    SecurityToken token;
    var handler = new JwtSecurityTokenHandler();                       
    var validationParameters = ValidationParameters(); //The validation parameters used to validate the token
    
    try
    {
      //Try to validate token - will throw exception if anything is wrong, else return the ClaimsPrincipal
        principal = handler.ValidateToken(jwToken, validationParameters, out token); 
    }
    catch (Exception ex)
    {
        principal = null;
    }
    return principal; 
}
private TokenValidationParameters ValidationParameters()
{
    //Expiration time is validated by default, but can be set explicitly
    var validationParameters = new TokenValidationParameters();
    var signKey = signingCredentials.Key; 
    validationParameters.IssuerSigningKey = signKey; //Validate signingKey (the private key we used to sign the header with)
    validationParameters.ValidAudience = Audience; //Validate correct audience
    validationParameters.ValidIssuer = Issuer; //Validate correct issuer
    return validationParameters;
}