Definition

Assembly: Microsoft.OData.Mcp.Authentication.dll

Namespace: Microsoft.OData.Mcp.Authentication.Services

Inheritance: System.Object

Syntax

Microsoft.OData.Mcp.Authentication.Services.TokenValidationService

Summary

Provides services for validating JWT tokens and extracting user context.

Remarks

This service handles JWT token validation using Microsoft’s IdentityModel libraries, including automatic discovery of validation keys and comprehensive claim extraction.

Constructors

.ctor

Initializes a new instance of the TokenValidationService class.

Syntax

public TokenValidationService(Microsoft.Extensions.Options.IOptions<Microsoft.OData.Mcp.Authentication.Models.McpAuthenticationOptions> options, Microsoft.Extensions.Logging.ILogger<Microsoft.OData.Mcp.Authentication.Services.TokenValidationService> logger)

Parameters

| Name | Type | Description |
| --- | --- | --- |
| options | Microsoft.Extensions.Options.IOptions<Microsoft.OData.Mcp.Authentication.Models.McpAuthenticationOptions> | The authentication options. |
| logger | Microsoft.Extensions.Logging.ILogger<Microsoft.OData.Mcp.Authentication.Services.TokenValidationService> | The logger instance. |

Exceptions

| Exception | Description |
| --- | --- |
| ArgumentNullException | Thrown when options or logger is null. |

.ctor Inherited

Inherited from object

Syntax

public Object()

Methods

Equals Inherited Virtual

Inherited from object

Syntax

public virtual bool Equals(object obj)

Parameters

| Name | Type | Description |
| --- | --- | --- |
| obj | object? | - |

Returns

Type: bool

Equals Inherited

Inherited from object

Syntax

public static bool Equals(object objA, object objB)

Parameters

| Name | Type | Description |
| --- | --- | --- |
| objA | object? | - |
| objB | object? | - |

Returns

Type: bool

ExtractUserContext

Extracts the user context from a validated claims principal.

Syntax

public Microsoft.OData.Mcp.Authentication.Models.UserContext ExtractUserContext(System.Security.Claims.ClaimsPrincipal principal)

Parameters

| Name | Type | Description |
| --- | --- | --- |
| principal | System.Security.Claims.ClaimsPrincipal | The claims principal from a validated token. |

Returns

Type: Microsoft.OData.Mcp.Authentication.Models.UserContext

The user context containing identity and authorization information.

GetAuthorizationMetadataAsync

Gets the authorization metadata from the JWT token for downstream services.

Syntax

public System.Threading.Tasks.Task<Microsoft.OData.Mcp.Authentication.Models.AuthorizationMetadata> GetAuthorizationMetadataAsync(string token)

Parameters

| Name | Type | Description |
| --- | --- | --- |
| token | string | The JWT token to extract metadata from. |

Returns

Type: System.Threading.Tasks.Task<Microsoft.OData.Mcp.Authentication.Models.AuthorizationMetadata>

A task that represents the asynchronous operation. The task result contains the authorization metadata.

GetHashCode Inherited Virtual

Inherited from object

Syntax

public virtual int GetHashCode()

Returns

Type: int

GetTokenLifetime

Gets the remaining lifetime of a token.

Syntax

public System.Nullable<System.TimeSpan> GetTokenLifetime(System.Security.Claims.ClaimsPrincipal principal)

Parameters

| Name | Type | Description |
| --- | --- | --- |
| principal | System.Security.Claims.ClaimsPrincipal | The claims principal from a validated token. |

Returns

Type: System.Nullable<System.TimeSpan>

The remaining time before the token expires, or null if the token has no expiration.

GetType Inherited

Inherited from object

Syntax

public System.Type GetType()

Returns

Type: System.Type

HasRequiredScopes

Checks if a user has the required scopes for a specific operation.

Syntax

public bool HasRequiredScopes(Microsoft.OData.Mcp.Authentication.Models.UserContext userContext, System.Collections.Generic.IEnumerable<string> requiredScopes)

Parameters

| Name | Type | Description |
| --- | --- | --- |
| userContext | Microsoft.OData.Mcp.Authentication.Models.UserContext | The user context to check. |
| requiredScopes | System.Collections.Generic.IEnumerable<string> | The scopes required for the operation. |

Returns

Type: bool

true if the user has at least one of the required scopes; otherwise, false.
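Because HasRequiredScopes returns true when any one of the listed scopes is present, an operation that needs every scope has to check them one at a time. The following is an added example, not code from the Microsoft.OData.Mcp project: ScopeGate and AuthorizeAllAsync are hypothetical names, and the helper uses only the members documented on this page.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.OData.Mcp.Authentication.Models;
using Microsoft.OData.Mcp.Authentication.Services;

// Added example: hypothetical helper, not part of the library.
public static class ScopeGate
{
    // Returns the UserContext only when the token validates, is not expired,
    // and carries EVERY scope in requiredAll. Returns null in all other cases.
    public static async Task<UserContext?> AuthorizeAllAsync(
        TokenValidationService tokens,
        string bearerToken,
        IReadOnlyCollection<string> requiredAll,
        CancellationToken cancellationToken = default)
    {
        ArgumentNullException.ThrowIfNull(tokens);
        ArgumentNullException.ThrowIfNull(requiredAll);

        // Fail closed: a missing token or an empty requirement list never authorizes.
        if (string.IsNullOrWhiteSpace(bearerToken) || requiredAll.Count == 0)
            return null;

        // Documented contract: the task result is null when the token is invalid.
        ClaimsPrincipal? principal =
            await tokens.ValidateTokenAsync(bearerToken, cancellationToken);
        if (principal is null)
            return null;

        // Explicit expiry check on the claims, independent of validation settings.
        if (tokens.IsTokenExpired(principal))
            return null;

        UserContext user = tokens.ExtractUserContext(principal);

        // HasRequiredScopes is any-of, so pass one scope per call to get all-of.
        bool hasAll = requiredAll.All(
            scope => tokens.HasRequiredScopes(user, new[] { scope }));

        return hasAll ? user : null;
    }
}
```

A caller treats a null result as a denied request; passing the whole scope list to HasRequiredScopes in a single call instead would accept a token that holds only one of them.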

IsTokenExpired

Determines if a token is expired based on its claims.

Syntax

public bool IsTokenExpired(System.Security.Claims.ClaimsPrincipal principal)

Parameters

| Name | Type | Description |
| --- | --- | --- |
| principal | System.Security.Claims.ClaimsPrincipal | The claims principal from a validated token. |

Returns

Type: bool

true if the token is expired; otherwise, false.

MemberwiseClone Inherited

Inherited from object

Syntax

protected internal object MemberwiseClone()

Returns

Type: object

ReferenceEquals Inherited

Inherited from object

Syntax

public static bool ReferenceEquals(object objA, object objB)

Parameters

| Name | Type | Description |
| --- | --- | --- |
| objA | object? | - |
| objB | object? | - |

Returns

Type: bool

ToString Inherited Virtual

Inherited from object

Syntax

public virtual string ToString()

Returns

Type: string?

ValidateTokenAsync

Validates a JWT token and returns the principal if valid.

Syntax

public System.Threading.Tasks.Task<System.Security.Claims.ClaimsPrincipal> ValidateTokenAsync(string token, System.Threading.CancellationToken cancellationToken = default)

Parameters

| Name | Type | Description |
| --- | --- | --- |
| token | string | The JWT token to validate. |
| cancellationToken | System.Threading.CancellationToken | A cancellation token to cancel the operation. |

Returns

Type: System.Threading.Tasks.Task<System.Security.Claims.ClaimsPrincipal?>

A task that represents the asynchronous validation operation. The task result contains the claims principal if the token is valid, or null if invalid.

ValidateTokenAsync

Validates a JWT token with additional validation parameters.

Syntax

public System.Threading.Tasks.Task<Microsoft.OData.Mcp.Authentication.Models.TokenValidationResult> ValidateTokenAsync(string token, System.Collections.Generic.Dictionary<string, object> validationParameters, System.Threading.CancellationToken cancellationToken = default)

Parameters

| Name | Type | Description |
| --- | --- | --- |
| token | string | The JWT token to validate. |
| validationParameters | System.Collections.Generic.Dictionary<string, object> | Additional validation parameters to apply. |
| cancellationToken | System.Threading.CancellationToken | A cancellation token to cancel the operation. |

Returns

Type: System.Threading.Tasks.Task<Microsoft.OData.Mcp.Authentication.Models.TokenValidationResult>

A task that represents the asynchronous validation operation. The task result contains the validation result.
  • Microsoft.OData.Mcp.Authentication.Services.ITokenValidationService