Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
[Documentation] When should we consider for `ValidateTokenAsync`
See original GitHub issueDocumentation related to component
Currently, we had ValidateToken and ValidateTokenAsync, for example, when we’re using JwtSecurityTokenHandler should we prefer using the ValidateTokenAsync introduced in 6.16.0.
From what I can see, the ValidateTokenAsync could not replace the ValidateToken completely,
the ValidateToken method is returning a ClaimsPrincipal, while the ValidateTokenAsync method is returning a TokenValidationResult model which contains a ClaimsIdentity but not contains a ClaimsPrincipal
Please check all that apply
- typo
- documentation doesn’t exist
- documentation needs clarification
- error(s) in the example
- needs an example
Description of the issue
Need some guidance for the ValidateTokenAsync method
Issue Analytics
- State:
- Created a year ago
- Comments:6 (6 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
@brentschmaltz Yes, that sounds good. For my SAML2P package I can then bundle multiple generated identities from IdentityModel into one ClaimsPrincipal.
@brentschmaltz Multiple assertions in the same SAML2 response is a rare thing, I’ve never heard of it being used, although it is allowed in the spec. For the Web SSO profile, there is a requirement that all identities refer to the same subject, so in that case it would actually work that
IsInRolechecks all identities. But I guess that anyone using multiple identities would probably not use the principal IsInRole anyway.