public override SecurityToken ReadToken(XmlReader reader)
{
if (reader == null)
{
throw new ArgumentNullException("tokenDescriptor");
}
//Contract.Ensures(Contract.Result<SecurityToken>() != null);
//Contract.EndContractBlock();
var xml = XElement.ReadFrom(reader) as XElement;
var issuerCertificate = VerifySignature(xml);
var token = ReadTokenValues(xml, issuerCertificate);
return token;
}