OIDC Helper Class
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Threading.Tasks;
using Microsoft.IdentityModel.Protocols;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
namespace TokenValidator
{
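/// <summary>
/// Pulls the OpenID Connect discovery metadata (issuer and signing keys) for the relevant
/// AAD endpoint (v1.0 or v2.0) through a single <see cref="ConfigurationManager{T}"/>,
/// which caches the document and decides when to re-download it.
/// </summary>
/// <remarks>
/// <see cref="Issuer"/> and <see cref="SecurityTokens"/> are read from one configuration
/// snapshot per call rather than from two separately assigned fields, so a caller can never
/// observe the issuer of one metadata document together with the signing keys of another
/// while a refresh is in progress. All metadata access is synchronous (sync-over-async);
/// see <see cref="RetrieveMetadata"/>.
/// </remarks>
public class OpenIdConnectCachingSecurityTokenProvider
{
    private readonly ConfigurationManager<OpenIdConnectConfiguration> _configManager;
    private readonly string _metadataEndpoint;

    /// <summary>
    /// Creates the provider and eagerly fetches the metadata once, so that an unreachable
    /// endpoint or malformed discovery document fails at construction rather than on first use.
    /// </summary>
    /// <param name="metadataEndpoint">Address of the OpenID Connect discovery document.</param>
    /// <param name="metadataClient">HTTP client used to download the discovery document and keys.</param>
    /// <exception cref="ArgumentNullException">
    /// <paramref name="metadataEndpoint"/> or <paramref name="metadataClient"/> is null.
    /// </exception>
    /// <exception cref="AggregateException">
    /// The initial metadata download failed; the inner exception carries the cause.
    /// </exception>
    public OpenIdConnectCachingSecurityTokenProvider(string metadataEndpoint, HttpClient metadataClient)
    {
        if (metadataEndpoint == null)
        {
            throw new ArgumentNullException(nameof(metadataEndpoint));
        }
        if (metadataClient == null)
        {
            throw new ArgumentNullException(nameof(metadataClient));
        }

        _metadataEndpoint = metadataEndpoint;
        _configManager = new ConfigurationManager<OpenIdConnectConfiguration>(
            metadataEndpoint,
            new OpenIdConnectConfigurationRetriever(),
            metadataClient);

        // Fail fast: surface configuration problems to the caller that constructs the provider.
        RetrieveMetadata();
    }

    /// <summary>
    /// Gets the discovery endpoint this provider was configured with (useful for diagnostics
    /// when logging which authority a set of signing keys came from).
    /// </summary>
    public string MetadataEndpoint
    {
        get { return _metadataEndpoint; }
    }

    /// <summary>
    /// Gets the issuer the credentials are for.
    /// </summary>
    /// <value>
    /// The issuer from the most recent configuration snapshot.
    /// </value>
    public string Issuer
    {
        get { return RetrieveMetadata().Issuer; }
    }

    /// <summary>
    /// Gets all known security tokens.
    /// </summary>
    /// <value>
    /// The signing keys from the most recent configuration snapshot.
    /// </value>
    public IEnumerable<Microsoft.IdentityModel.Tokens.SecurityKey> SecurityTokens
    {
        get { return RetrieveMetadata().SigningKeys; }
    }

    /// <summary>
    /// Retrieves the current metadata snapshot, including the issuer and signing keys.
    /// Not every call results in a network round-trip: the underlying
    /// <see cref="ConfigurationManager{T}"/> serves its cached document until its
    /// AutomaticRefreshInterval elapses or <see cref="RequestRefresh"/> has been called
    /// (subject to its RefreshInterval).
    /// </summary>
    /// <returns>The configuration snapshot; issuer and keys on it belong to the same document.</returns>
    /// <exception cref="AggregateException">The download or parse failed; see the inner exception.</exception>
    private OpenIdConnectConfiguration RetrieveMetadata()
    {
        // Sync-over-async: the public surface is synchronous, so the async download is run on
        // a thread-pool thread and blocked on. Failures therefore surface as AggregateException;
        // this is kept as-is so existing callers that catch it keep working. Callers on a
        // synchronization-context thread (UI, classic ASP.NET) should be aware of the deadlock
        // risk inherent in blocking on tasks.
        return Task.Run(_configManager.GetConfigurationAsync).Result;
    }

    /// <summary>
    /// Cause a forced refresh of signing keys, useful in case key rollover happened
    /// (for example after a signature validation failure against the cached keys).
    /// The refresh happens on the next metadata access and is rate-limited by the
    /// manager's RefreshInterval.
    /// </summary>
    public void RequestRefresh()
    {
        _configManager.RequestRefresh();
    }
}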
}