ChainStoreWeb.TokenHelper.ReadAndValidateContextToken C# (CSharp) Method

ReadAndValidateContextToken() public static method

Validates that the specified context token string is intended for this application, based on the parameters specified in web.config. The web.config parameters used for validation are ClientId, HostedAppHostNameOverride, HostedAppHostName, ClientSecret, and Realm (if it is specified). If HostedAppHostNameOverride is present, it is used for validation. Otherwise, if appHostName is not null, it is used for validation instead of the web.config HostedAppHostName. If the token is invalid, an exception is thrown. If the token is valid, TokenHelper's static STS metadata URL is updated based on the token contents, and a JsonWebSecurityToken based on the context token is returned.
public static ReadAndValidateContextToken ( string contextTokenString, string appHostName = null ) : SharePointContextToken
contextTokenString string The context token to validate
appHostName string The URL authority, consisting of a Domain Name System (DNS) host name or IP address and the port number, to use for token audience validation. If null, the HostedAppHostName web.config setting is used instead. The HostedAppHostNameOverride web.config setting, if present, is used for validation instead of appHostName.
return SharePointContextToken
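        /// <summary>
        /// Reads a SharePoint context token, validates it with the handler returned by
        /// <see cref="CreateJsonWebSecurityTokenHandler"/>, and checks that its audience matches
        /// this application. Only after the handler has validated the token are the static
        /// <see cref="GlobalEndPointPrefix"/> and <see cref="AcsHostUrl"/> updated from the
        /// authority of the token's SecurityTokenServiceUri.
        /// </summary>
        /// <param name="contextTokenString">The context token to validate.</param>
        /// <param name="appHostName">
        /// The URL authority (DNS host name or IP address plus port) used for audience validation.
        /// If null, the HostedAppHostName setting is used instead. HostedAppHostNameOverride, when
        /// present, takes precedence over both and may list several audiences separated by ';'.
        /// </param>
        /// <returns>The validated <see cref="SharePointContextToken"/>.</returns>
        /// <exception cref="ArgumentException">
        /// <paramref name="contextTokenString"/> is null or empty, is not a JSON Web Token, or
        /// carries a SecurityTokenServiceUri whose authority has no '.' to split on.
        /// </exception>
        /// <exception cref="AudienceUriValidationFailedException">
        /// The token audience matches none of the acceptable audiences.
        /// </exception>
        public static SharePointContextToken ReadAndValidateContextToken(string contextTokenString, string appHostName = null)
        {
            if (String.IsNullOrEmpty(contextTokenString))
            {
                throw new ArgumentException("A context token string is required.", "contextTokenString");
            }

            JsonWebSecurityTokenHandler tokenHandler = CreateJsonWebSecurityTokenHandler();
            JsonWebSecurityToken jsonToken = tokenHandler.ReadToken(contextTokenString) as JsonWebSecurityToken;
            if (jsonToken == null)
            {
                // Without this check a non-JWT token would reach SharePointContextToken.Create as null.
                throw new ArgumentException("The context token is not a JSON Web Token.", "contextTokenString");
            }

            // Validate the token before trusting any of its claims: the STS authority below is
            // written to static state shared by the whole application, so it must come from a
            // token that the handler has already accepted.
            tokenHandler.ValidateToken(jsonToken);

            SharePointContextToken token = SharePointContextToken.Create(jsonToken);

            string stsAuthority = new Uri(token.SecurityTokenServiceUri).Authority;
            int firstDot = stsAuthority.IndexOf('.');
            if (firstDot < 0)
            {
                // Substring(0, -1) would otherwise throw an ArgumentOutOfRangeException with no context.
                throw new ArgumentException(
                    String.Format(CultureInfo.CurrentCulture,
                    "The security token service authority \"{0}\" has no domain part.", stsAuthority),
                    "contextTokenString");
            }

            GlobalEndPointPrefix = stsAuthority.Substring(0, firstDot);
            AcsHostUrl = stsAuthority.Substring(firstDot + 1);

            // Precedence: HostedAppHostNameOverride (possibly several, ';'-separated) > appHostName
            // argument > HostedAppHostName setting.
            string[] acceptableAudiences;
            if (!String.IsNullOrEmpty(HostedAppHostNameOverride))
            {
                acceptableAudiences = HostedAppHostNameOverride.Split(';');
            }
            else if (appHostName == null)
            {
                acceptableAudiences = new[] { HostedAppHostName };
            }
            else
            {
                acceptableAudiences = new[] { appHostName };
            }

            // The configured Realm wins; the token's realm is only a fallback.
            string realm = Realm ?? token.Realm;
            bool audienceAccepted = false;
            foreach (string audience in acceptableAudiences)
            {
                string expectedPrincipal = GetFormattedPrincipal(ClientId, audience, realm);
                if (StringComparer.OrdinalIgnoreCase.Equals(token.Audience, expectedPrincipal))
                {
                    audienceAccepted = true;
                    break;
                }
            }

            if (!audienceAccepted)
            {
                throw new AudienceUriValidationFailedException(
                    String.Format(CultureInfo.CurrentCulture,
                    "\"{0}\" is not the intended audience \"{1}\"", String.Join(";", acceptableAudiences), token.Audience));
            }

            return token;
        }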