TokenValidationParameters TokenValidationParameters TokenValidationParameters Class

Definition

Contains a set of parameters that are used by a SecurityTokenHandler when validating a SecurityToken.

public class TokenValidationParameters
type TokenValidationParameters = class
Public Class TokenValidationParameters
Inheritance
TokenValidationParametersTokenValidationParametersTokenValidationParameters

Constructors

TokenValidationParameters() TokenValidationParameters() TokenValidationParameters()

Initializes a new instance of the TokenValidationParameters class.

TokenValidationParameters(TokenValidationParameters) TokenValidationParameters(TokenValidationParameters) TokenValidationParameters(TokenValidationParameters)

Copy constructor for TokenValidationParameters.

Fields

DefaultAuthenticationType DefaultAuthenticationType DefaultAuthenticationType

This is the fallback authenticationtype that a ISecurityTokenValidator will use if nothing is set.

DefaultClockSkew DefaultClockSkew DefaultClockSkew

Default for the clock skew.

DefaultMaximumTokenSizeInBytes DefaultMaximumTokenSizeInBytes DefaultMaximumTokenSizeInBytes

Default for the maximm token size.

Properties

ActorValidationParameters ActorValidationParameters ActorValidationParameters

Gets or sets TokenValidationParameters.

AudienceValidator AudienceValidator AudienceValidator

Gets or sets a delegate that will be used to validate the audience.

AuthenticationType AuthenticationType AuthenticationType

Gets or sets the AuthenticationType when creating a ClaimsIdentity.

ClockSkew ClockSkew ClockSkew

Gets or sets the clock skew to apply when validating a time.

CryptoProviderFactory CryptoProviderFactory CryptoProviderFactory

Users can override the default CryptoProviderFactory with this property. This factory will be used for creating signature providers.

IssuerSigningKey IssuerSigningKey IssuerSigningKey

Gets or sets the SecurityKey that is to be used for signature validation.

IssuerSigningKeyResolver IssuerSigningKeyResolver IssuerSigningKeyResolver

Gets or sets a delegate that will be called to retrieve a SecurityKey used for signature validation.

IssuerSigningKeys IssuerSigningKeys IssuerSigningKeys

Gets or sets an IEnumerable<T> used for signature validation.

IssuerSigningKeyValidator IssuerSigningKeyValidator IssuerSigningKeyValidator

Gets or sets a delegate for validating the SecurityKey that signed the token.

IssuerValidator IssuerValidator IssuerValidator

Gets or sets a delegate that will be used to validate the issuer of the token.

LifetimeValidator LifetimeValidator LifetimeValidator

Gets or sets a delegate that will be used to validate the lifetime of the token

NameClaimType NameClaimType NameClaimType

Gets or sets a String that defines the NameClaimType.

NameClaimTypeRetriever NameClaimTypeRetriever NameClaimTypeRetriever

Gets or sets a delegate that will be called to obtain the NameClaimType to use when creating a ClaimsIdentity after validating a token.

PropertyBag PropertyBag PropertyBag

Gets or sets the IDictionary<TKey,TValue> that contains a collection of custom key/value pairs. This allows addition of parameters that could be used in custom token validation scenarios.

RequireAudience RequireAudience RequireAudience

Gets or sets a value indicating whether SAML tokens must have at least one AudienceRestriction.

RequireExpirationTime RequireExpirationTime RequireExpirationTime

Gets or sets a value indicating whether tokens must have an 'expiration' value.

RequireSignedTokens RequireSignedTokens RequireSignedTokens

Gets or sets a value indicating whether a SecurityToken can be considered valid if not signed.

RoleClaimType RoleClaimType RoleClaimType

Gets or sets the String that defines the RoleClaimType.

RoleClaimTypeRetriever RoleClaimTypeRetriever RoleClaimTypeRetriever

Gets or sets a delegate that will be called to obtain the RoleClaimType to use when creating a ClaimsIdentity after validating a token.

SaveSigninToken SaveSigninToken SaveSigninToken

Gets or sets a boolean to control if the original token should be saved after the security token is validated.

SignatureValidator SignatureValidator SignatureValidator

Gets or sets a delegate that will be used to validate the signature of the token.

TokenDecryptionKey TokenDecryptionKey TokenDecryptionKey

Gets or sets the SecurityKey that is to be used for decryption.

TokenDecryptionKeyResolver TokenDecryptionKeyResolver TokenDecryptionKeyResolver

Gets or sets a delegate that will be called to retreive a SecurityKey used for decryption.

TokenDecryptionKeys TokenDecryptionKeys TokenDecryptionKeys

Gets or sets the IEnumerable<T> that is to be used for decrypting inbound tokens.

TokenReader TokenReader TokenReader

Gets or sets a delegate that will be used to read the token.

TokenReplayCache TokenReplayCache TokenReplayCache

Gets or set the ITokenReplayCache that store tokens that can be checked to help detect token replay.

TokenReplayValidator TokenReplayValidator TokenReplayValidator

Gets or sets a delegate that will be used to validate the token replay of the token

ValidateActor ValidateActor ValidateActor

Gets or sets a value indicating if an actor token is detected, whether it should be validated.

ValidateAudience ValidateAudience ValidateAudience

Gets or sets a boolean to control if the audience will be validated during token validation.

ValidateIssuer ValidateIssuer ValidateIssuer

Gets or sets a boolean to control if the issuer will be validated during token validation.

ValidateIssuerSigningKey ValidateIssuerSigningKey ValidateIssuerSigningKey

Gets or sets a boolean that controls if validation of the SecurityKey that signed the securityToken is called.

ValidateLifetime ValidateLifetime ValidateLifetime

Gets or sets a boolean to control if the lifetime will be validated during token validation.

ValidateTokenReplay ValidateTokenReplay ValidateTokenReplay

Gets or sets a boolean to control if the token replay will be validated during token validation.

ValidAudience ValidAudience ValidAudience

Gets or sets a string that represents a valid audience that will be used to check against the token's audience.

ValidAudiences ValidAudiences ValidAudiences

Gets or sets the IEnumerable<T> that contains valid audiences that will be used to check against the token's audience.

ValidIssuer ValidIssuer ValidIssuer

Gets or sets a String that represents a valid issuer that will be used to check against the token's issuer.

ValidIssuers ValidIssuers ValidIssuers

Gets or sets the IEnumerable<T> that contains valid issuers that will be used to check against the token's issuer.

Methods

Clone() Clone() Clone()

Returns a new instance of TokenValidationParameters with values copied from this object.

CreateClaimsIdentity(SecurityToken, String) CreateClaimsIdentity(SecurityToken, String) CreateClaimsIdentity(SecurityToken, String)

Creates a ClaimsIdentity using:

AuthenticationType

'NameClaimType': If NameClaimTypeRetriever is set, call delegate, else call NameClaimType. If the result is a null or empty string, use DefaultNameClaimType

.

'RoleClaimType': If RoleClaimTypeRetriever is set, call delegate, else call RoleClaimType. If the result is a null or empty string, use DefaultRoleClaimType

.

Applies to