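/// <summary>
/// Validates a serialized JWT against the parameters built by <c>ValidationParameters()</c>.
/// </summary>
/// <param name="jwToken">The serialized token to validate.</param>
/// <returns>
/// The <see cref="ClaimsPrincipal"/> returned by the handler when validation succeeds;
/// <c>null</c> when the token is null, empty or whitespace, or when the handler throws.
/// </returns>
/// <remarks>
/// A <c>null</c> result carries no reason. Callers must treat it as "not authenticated"
/// and must not fall back to any claims read from the unvalidated token.
/// </remarks>
public ClaimsPrincipal ValidateToken(string jwToken)
{
    // Nothing to validate: reject up front instead of relying on an exception
    // from the handler for an expected input.
    if (string.IsNullOrWhiteSpace(jwToken))
    {
        return null;
    }

    var handler = new JwtSecurityTokenHandler();
    var validationParameters = ValidationParameters();
    SecurityToken validatedToken; // required by the out parameter; not used afterwards

    try
    {
        // Throws if any configured check fails, otherwise yields the principal.
        return handler.ValidateToken(jwToken, validationParameters, out validatedToken);
    }
    catch (Exception)
    {
        // Fail closed: any failure yields no principal. The exception is discarded,
        // so an expired token, a bad signature and a misconfigured key all look the
        // same to the caller and leave no trace.
        // NOTE(review): consider logging the exception type (never the token itself)
        // so rejected tokens and configuration faults can be told apart.
        return null;
    }
}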
/// <summary>
/// Builds the <see cref="TokenValidationParameters"/> used to validate incoming tokens.
/// </summary>
/// <returns>
/// Parameters carrying the signing key from <c>signingCredentials</c>, the expected
/// audience and the expected issuer. Every other setting keeps the library default.
/// </returns>
private TokenValidationParameters ValidationParameters()
{
    // Expiration time is validated by default, so it is not set explicitly here.
    // NOTE(review): the remaining checks also rely on library defaults; confirm them
    // for the package version in use, or set them explicitly so they cannot drift.
    return new TokenValidationParameters
    {
        // Key the token signature is checked against.
        // NOTE(review): presumably the same credentials used to issue tokens; verify.
        IssuerSigningKey = signingCredentials.Key,

        // The token must have been issued for this audience.
        ValidAudience = Audience,

        // The token must have been issued by this issuer.
        ValidIssuer = Issuer
    };
}