Microsoft.IdentityModel.Tokens Namespace

Classes

AsymmetricSecurityKey

Base class for a Security Key that contains Asymmetric key material.

AsymmetricSignatureProvider

Provides signature and verification operations for Asymmetric Algorithms using a SecurityKey.

AuthenticatedEncryptionProvider

Provides authenticated encryption and decryption services.

AuthenticatedEncryptionResult

Contains the results of Encrypt(Byte[], Byte[]) operation.

Base64UrlEncoder

Encodes and Decodes strings as Base64Url encoding.

CallContext

An opaque context used to store work when working with authentication artifacts.

CompressionAlgorithms

Constants for compression algorithms.

CompressionProviderFactory

Compression provider factory for compression and decompression.

CryptoProviderCache

Definition of cache for crypto providers

CryptoProviderCacheOptions

Specifies the CryptoProviderCacheOptions which can be used to configure the internal cryptoprovider cache. We are using our own simple LRU caching implementation across all targets. See Microsoft.IdentityModel.Tokens.EventBasedLRUCache`2 for more details.

CryptoProviderFactory

Creates cryptographic operators by specifying a SecurityKey's and algorithms.

DateTimeUtil

Helper class for adding DateTimes and Timespans.

DeflateCompressionProvider

A compression provider that supports compression and decompression using the Deflate algorithm.

ECDsaSecurityKey

Represents a ECDsa security key.

EncryptingCredentials

A class for properties that are used for token encryption.

EpochTime

Returns the absolute DateTime or the Seconds since Unix Epoch, where Epoch is UTC 1970-01-01T0:0:0Z.

InMemoryCryptoProviderCache

Defines a cache for crypto providers. Current support is limited to SignatureProvider only.

JsonWebAlgorithmsKeyTypes

Constants for JsonWebAlgorithms "kty" Key Type (sec 6.1) http://tools.ietf.org/html/rfc7518#section-6.1

JsonWebKey

Represents a JSON Web Key as defined in http://tools.ietf.org/html/rfc7517.

JsonWebKeyConverter

Converts a SecurityKey into a JsonWebKey Supports: converting to a JsonWebKey from one of: RsaSecurityKey, X509SecurityKey, and SymmetricSecurityKey.

JsonWebKeyECTypes

Constants for JsonWebKey Elliptical Curve Types https://tools.ietf.org/html/rfc7518#section-6.2.1.1

JsonWebKeyParameterNames

Names for Json Web Key Values

JsonWebKeySet

Contains a collection of JsonWebKey that can be populated from a json string.

JsonWebKeySetParameterNames

Names for Json Web Key Set Values

JsonWebKeyUseNames

Constants for JsonWebKeyUse (sec 4.2) http://tools.ietf.org/html/rfc7517#section-4

KeyWrapProvider

Provides Wrap key and Unwrap key services.

RsaKeyWrapProvider

Provides RSA Wrap key and Unwrap key services.

RsaSecurityKey

Represents a Rsa security key.

SecurityAlgorithms

Constants for Security Algorithm.

SecurityKey

Base class for Security Key.

SecurityKeyIdentifierClause

Contains information about the keys inside the tokens.

SecurityToken

Base class for security token.

SecurityTokenCompressionFailedException

Thrown when JWE compression fails.

SecurityTokenDecompressionFailedException

Thrown when JWE decompression fails.

SecurityTokenDecryptionFailedException

Represents a security token exception when decryption failed.

SecurityTokenDescriptor

Contains some information which used to create a security token.

SecurityTokenEncryptionFailedException

Represents a security token exception when encryption failed.

SecurityTokenEncryptionKeyNotFoundException

This exception is thrown when a security token contained a key identifier but the key was not found by the runtime when decrypting a token.

SecurityTokenException

Represents a security token exception.

SecurityTokenExpiredException

Throw this exception when a received Security Token has expiration time in the past.

SecurityTokenHandler

Defines the interface for a Security Token Handler.

SecurityTokenInvalidAlgorithmException

This exception is thrown when a cryptographic algorithm is invalid.

SecurityTokenInvalidAudienceException

This exception is thrown when 'audience' of a token was not valid.

SecurityTokenInvalidIssuerException

This exception is thrown when 'issuer' of a token was not valid.

SecurityTokenInvalidLifetimeException

This exception is thrown when 'lifetime' of a token was not valid.

SecurityTokenInvalidSignatureException

This exception is thrown when 'signature' of a token was not valid.

SecurityTokenInvalidSigningKeyException

Throw this exception when a received Security Token has an invalid issuer signing key.

SecurityTokenInvalidTypeException

This exception is thrown when the token type ('typ' header claim) of a JWT token is invalid.

SecurityTokenKeyWrapException

Represents a key wrap exception when encryption failed.

SecurityTokenNoExpirationException

This exception is thrown when a security is missing an ExpirationTime.

SecurityTokenNotYetValidException

Throw this exception when a received Security token has an effective time in the future.

SecurityTokenReplayAddFailedException

This exception is thrown when an add to the TokenReplayCache fails.

SecurityTokenReplayDetectedException

Throw this exception when a received Security Token has been replayed.

SecurityTokenSignatureKeyNotFoundException

This exception is thrown when a security token contained a key identifier but the key was not found by the runtime.

SecurityTokenUnableToValidateException

This exception is thrown when a security token contained a key identifier but the key was not found by the runtime and when validation errors exist over the security token. This exception is not intended to be used as a signal to refresh keys.

SecurityTokenValidationException

Represents a security token validation exception.

SignatureProvider

Provides signature services, signing and verifying.

SigningCredentials

Defines the SecurityKey, algorithm and digest for digital signatures.

SymmetricKeyWrapProvider

Provides Wrap key and Unwrap key services.

SymmetricSecurityKey

Represents a symmetric security key.

SymmetricSignatureProvider

Provides signing and verifying operations using a SymmetricSecurityKey and specifying an algorithm.

TokenContext

An opaque context used to store work when working with authentication artifacts.

TokenHandler

Defines properties shared across all security token handlers.

TokenValidationParameters

Contains a set of parameters that are used by a SecurityTokenHandler when validating a SecurityToken.

TokenValidationResult

Contains artifacts obtained when a SecurityToken is validated.

UniqueId

Generates unique IDs.

Utility

Contains some utility methods.

Validators

AudienceValidator

X509EncryptingCredentials

An X509EncryptingCredentials designed to construct EncryptingCredentials based on a x509 certificate.

X509SecurityKey

An AsymmetricSecurityKey that is backed by a X509Certificate2

X509SigningCredentials

Defines the X509Certificate2, algorithm and digest for digital signatures.

Interfaces

ICompressionProvider

Compression provider interface.

ICryptoProvider

Provides extensibility for cryptographic operators. If custom operators are needed for then CustomCryptoProvider can be set to return these operators. CustomCryptoProvider will be before each creation.

ISecurityTokenValidator

ISecurityTokenValidator

ITokenReplayCache

Interface that defines a simple cache for tacking replaying of security tokens.

Enums

PrivateKeyStatus

Enum for the existence of private key

ValidationFailure

The reason for being unable to validate

Delegates

AlgorithmValidator

Definition for AlgorithmValidator

AudienceValidator

Definition for AudienceValidator.

IssuerSigningKeyResolver

Definition for IssuerSigningKeyResolver.

IssuerSigningKeyValidator

Definition for IssuerSigningKeyValidator.

IssuerValidator

Definition for IssuerValidator.

LifetimeValidator

Definition for LifetimeValidator.

SignatureValidator

Definition for SignatureValidator.

TokenDecryptionKeyResolver

Definition for TokenDecryptionKeyResolver.

TokenReader

Definition for TokenReader.

TokenReplayValidator

Definition for TokenReplayValidator.

TypeValidator

Definition for TypeValidator.