> ## Documentation Index > Fetch the complete documentation index at: https://easyaf.dev/llms.txt > Use this file to discover all available pages before exploring further. # ITokenValidationService > Provides services for validating JWT tokens and extracting user context. export function DocsBadge({text, variant = 'neutral'}) { const variantClasses = { success: 'mint-bg-green-500/10 mint-text-green-600 dark:mint-text-green-400 mint-border-green-500/20', neutral: 'mint-bg-slate-500/10 mint-text-slate-600 dark:mint-text-slate-400 mint-border-slate-500/20', info: 'mint-bg-blue-500/10 mint-text-blue-600 dark:mint-text-blue-400 mint-border-blue-500/20', warning: 'mint-bg-amber-500/10 mint-text-amber-600 dark:mint-text-amber-400 mint-border-amber-500/20', danger: 'mint-bg-red-500/10 mint-text-red-600 dark:mint-text-red-400 mint-border-red-500/20' }; const classes = variantClasses[variant] || variantClasses.neutral; return {text} ; } ## Definition **Assembly:** Microsoft.OData.Mcp.Authentication.dll **Namespace:** Microsoft.OData.Mcp.Authentication.Services ## Syntax ```csharp theme={"dark"} Microsoft.OData.Mcp.Authentication.Services.ITokenValidationService ``` ## Summary Provides services for validating JWT tokens and extracting user context. ## Remarks This service handles the core token validation logic, including signature verification, claim extraction, and scope validation. It provides a abstraction layer over the underlying JWT validation mechanisms. ## Methods ### ExtractUserContext Extracts the user context from a validated claims principal. #### Syntax ```csharp theme={"dark"} Microsoft.OData.Mcp.Authentication.Models.UserContext ExtractUserContext(System.Security.Claims.ClaimsPrincipal principal) ``` #### Parameters | Name | Type | Description | | ----------- | ---------------------------------------- | -------------------------------------------- | | `principal` | `System.Security.Claims.ClaimsPrincipal` | The claims principal from a validated token. | #### Returns Type: `Microsoft.OData.Mcp.Authentication.Models.UserContext` The user context containing identity and authorization information. #### Exceptions | Exception | Description | | ----------------------- | -------------------------------- | | `ArgumentNullException` | Thrown when *principal* is null. | ### GetAuthorizationMetadataAsync Gets the authorization metadata from the JWT token for downstream services. #### Syntax ```csharp theme={"dark"} System.Threading.Tasks.Task GetAuthorizationMetadataAsync(string token) ``` #### Parameters | Name | Type | Description | | ------- | -------- | --------------------------------------- | | `token` | `string` | The JWT token to extract metadata from. | #### Returns Type: `System.Threading.Tasks.Task` A task that represents the asynchronous operation. The task result contains the authorization metadata. #### Exceptions | Exception | Description | | ------------------- | ------------------------------------------ | | `ArgumentException` | Thrown when *token* is null or whitespace. | ### GetTokenLifetime Gets the remaining lifetime of a token. #### Syntax ```csharp theme={"dark"} System.Nullable GetTokenLifetime(System.Security.Claims.ClaimsPrincipal principal) ``` #### Parameters | Name | Type | Description | | ----------- | ---------------------------------------- | -------------------------------------------- | | `principal` | `System.Security.Claims.ClaimsPrincipal` | The claims principal from a validated token. | #### Returns Type: `System.Nullable` The remaining time before the token expires, or null if the token has no expiration. #### Exceptions | Exception | Description | | ----------------------- | -------------------------------- | | `ArgumentNullException` | Thrown when *principal* is null. | ### HasRequiredScopes Checks if a user has the required scopes for a specific operation. #### Syntax ```csharp theme={"dark"} bool HasRequiredScopes(Microsoft.OData.Mcp.Authentication.Models.UserContext userContext, System.Collections.Generic.IEnumerable requiredScopes) ``` #### Parameters | Name | Type | Description | | ---------------- | ------------------------------------------------------- | -------------------------------------- | | `userContext` | `Microsoft.OData.Mcp.Authentication.Models.UserContext` | The user context to check. | | `requiredScopes` | `System.Collections.Generic.IEnumerable` | The scopes required for the operation. | #### Returns Type: `bool` `true` if the user has at least one of the required scopes; otherwise, `false`. #### Exceptions | Exception | Description | | ----------------------- | ------------------------------------------------------ | | `ArgumentNullException` | Thrown when *userContext* or *requiredScopes* is null. | ### IsTokenExpired Determines if a token is expired based on its claims. #### Syntax ```csharp theme={"dark"} bool IsTokenExpired(System.Security.Claims.ClaimsPrincipal principal) ``` #### Parameters | Name | Type | Description | | ----------- | ---------------------------------------- | -------------------------------------------- | | `principal` | `System.Security.Claims.ClaimsPrincipal` | The claims principal from a validated token. | #### Returns Type: `bool` `true` if the token is expired; otherwise, `false`. #### Exceptions | Exception | Description | | ----------------------- | -------------------------------- | | `ArgumentNullException` | Thrown when *principal* is null. | ### ValidateTokenAsync Validates a JWT token and returns the principal if valid. #### Syntax ```csharp theme={"dark"} System.Threading.Tasks.Task ValidateTokenAsync(string token, System.Threading.CancellationToken cancellationToken = null) ``` #### Parameters | Name | Type | Description | | ------------------- | ------------------------------------ | --------------------------------------------- | | `token` | `string` | The JWT token to validate. | | `cancellationToken` | `System.Threading.CancellationToken` | A cancellation token to cancel the operation. | #### Returns Type: `System.Threading.Tasks.Task` A task that represents the asynchronous validation operation. The task result contains the claims principal if the token is valid, or null if invalid. #### Exceptions | Exception | Description | | ------------------- | ------------------------------------------ | | `ArgumentException` | Thrown when *token* is null or whitespace. | ### ValidateTokenAsync Validates a JWT token with additional validation parameters. #### Syntax ```csharp theme={"dark"} System.Threading.Tasks.Task ValidateTokenAsync(string token, System.Collections.Generic.Dictionary validationParameters, System.Threading.CancellationToken cancellationToken = null) ``` #### Parameters | Name | Type | Description | | ---------------------- | ------------------------------------------------------- | --------------------------------------------- | | `token` | `string` | The JWT token to validate. | | `validationParameters` | `System.Collections.Generic.Dictionary` | Additional validation parameters to apply. | | `cancellationToken` | `System.Threading.CancellationToken` | A cancellation token to cancel the operation. | #### Returns Type: `System.Threading.Tasks.Task` A task that represents the asynchronous validation operation. The task result contains the validation result. #### Exceptions | Exception | Description | | ----------------------- | ------------------------------------------- | | `ArgumentException` | Thrown when *token* is null or whitespace. | | `ArgumentNullException` | Thrown when *validationParameters* is null. |