> ## Documentation Index > Fetch the complete documentation index at: https://easyaf.dev/llms.txt > Use this file to discover all available pages before exploring further. # TokenValidationService > Provides services for validating JWT tokens and extracting user context. export function DocsBadge({text, variant = 'neutral'}) { const variantClasses = { success: 'mint-bg-green-500/10 mint-text-green-600 dark:mint-text-green-400 mint-border-green-500/20', neutral: 'mint-bg-slate-500/10 mint-text-slate-600 dark:mint-text-slate-400 mint-border-slate-500/20', info: 'mint-bg-blue-500/10 mint-text-blue-600 dark:mint-text-blue-400 mint-border-blue-500/20', warning: 'mint-bg-amber-500/10 mint-text-amber-600 dark:mint-text-amber-400 mint-border-amber-500/20', danger: 'mint-bg-red-500/10 mint-text-red-600 dark:mint-text-red-400 mint-border-red-500/20' }; const classes = variantClasses[variant] || variantClasses.neutral; return {text} ; } ## Definition **Assembly:** Microsoft.OData.Mcp.Authentication.dll **Namespace:** Microsoft.OData.Mcp.Authentication.Services **Inheritance:** System.Object ## Syntax ```csharp theme={"dark"} Microsoft.OData.Mcp.Authentication.Services.TokenValidationService ``` ## Summary Provides services for validating JWT tokens and extracting user context. ## Remarks This service handles JWT token validation using Microsoft's IdentityModel libraries, including automatic discovery of validation keys and comprehensive claim extraction. ## Constructors ### .ctor Initializes a new instance of the [TokenValidationService](/odata-mcp/api-reference/Microsoft/OData/Mcp/Authentication/Services/TokenValidationService) class. #### Syntax ```csharp theme={"dark"} public TokenValidationService(Microsoft.Extensions.Options.IOptions options, Microsoft.Extensions.Logging.ILogger logger) ``` #### Parameters | Name | Type | Description | | --------- | ----------------------------------------------------------------------------------------------------------- | --------------------------- | | `options` | `Microsoft.Extensions.Options.IOptions` | The authentication options. | | `logger` | `Microsoft.Extensions.Logging.ILogger` | The logger instance. | #### Exceptions | Exception | Description | | ----------------------- | ------------------------------------------ | | `ArgumentNullException` | Thrown when *options* or *logger* is null. | ### .ctor Inherited from `object` #### Syntax ```csharp theme={"dark"} public Object() ``` ## Methods ### Equals Inherited from `object` #### Syntax ```csharp theme={"dark"} public virtual bool Equals(object obj) ``` #### Parameters | Name | Type | Description | | ----- | --------- | ----------- | | `obj` | `object?` | - | #### Returns Type: `bool` ### Equals Inherited from `object` #### Syntax ```csharp theme={"dark"} public static bool Equals(object objA, object objB) ``` #### Parameters | Name | Type | Description | | ------ | --------- | ----------- | | `objA` | `object?` | - | | `objB` | `object?` | - | #### Returns Type: `bool` ### ExtractUserContext Extracts the user context from a validated claims principal. #### Syntax ```csharp theme={"dark"} public Microsoft.OData.Mcp.Authentication.Models.UserContext ExtractUserContext(System.Security.Claims.ClaimsPrincipal principal) ``` #### Parameters | Name | Type | Description | | ----------- | ---------------------------------------- | -------------------------------------------- | | `principal` | `System.Security.Claims.ClaimsPrincipal` | The claims principal from a validated token. | #### Returns Type: `Microsoft.OData.Mcp.Authentication.Models.UserContext` The user context containing identity and authorization information. ### GetAuthorizationMetadataAsync Gets the authorization metadata from the JWT token for downstream services. #### Syntax ```csharp theme={"dark"} public System.Threading.Tasks.Task GetAuthorizationMetadataAsync(string token) ``` #### Parameters | Name | Type | Description | | ------- | -------- | --------------------------------------- | | `token` | `string` | The JWT token to extract metadata from. | #### Returns Type: `System.Threading.Tasks.Task` A task that represents the asynchronous operation. The task result contains the authorization metadata. ### GetHashCode Inherited from `object` #### Syntax ```csharp theme={"dark"} public virtual int GetHashCode() ``` #### Returns Type: `int` ### GetTokenLifetime Gets the remaining lifetime of a token. #### Syntax ```csharp theme={"dark"} public System.Nullable GetTokenLifetime(System.Security.Claims.ClaimsPrincipal principal) ``` #### Parameters | Name | Type | Description | | ----------- | ---------------------------------------- | -------------------------------------------- | | `principal` | `System.Security.Claims.ClaimsPrincipal` | The claims principal from a validated token. | #### Returns Type: `System.Nullable` The remaining time before the token expires, or null if the token has no expiration. ### GetType Inherited from `object` #### Syntax ```csharp theme={"dark"} public System.Type GetType() ``` #### Returns Type: `System.Type` ### HasRequiredScopes Checks if a user has the required scopes for a specific operation. #### Syntax ```csharp theme={"dark"} public bool HasRequiredScopes(Microsoft.OData.Mcp.Authentication.Models.UserContext userContext, System.Collections.Generic.IEnumerable requiredScopes) ``` #### Parameters | Name | Type | Description | | ---------------- | ------------------------------------------------------- | -------------------------------------- | | `userContext` | `Microsoft.OData.Mcp.Authentication.Models.UserContext` | The user context to check. | | `requiredScopes` | `System.Collections.Generic.IEnumerable` | The scopes required for the operation. | #### Returns Type: `bool` `true` if the user has at least one of the required scopes; otherwise, `false`. ### IsTokenExpired Determines if a token is expired based on its claims. #### Syntax ```csharp theme={"dark"} public bool IsTokenExpired(System.Security.Claims.ClaimsPrincipal principal) ``` #### Parameters | Name | Type | Description | | ----------- | ---------------------------------------- | -------------------------------------------- | | `principal` | `System.Security.Claims.ClaimsPrincipal` | The claims principal from a validated token. | #### Returns Type: `bool` `true` if the token is expired; otherwise, `false`. ### MemberwiseClone Inherited from `object` #### Syntax ```csharp theme={"dark"} protected internal object MemberwiseClone() ``` #### Returns Type: `object` ### ReferenceEquals Inherited from `object` #### Syntax ```csharp theme={"dark"} public static bool ReferenceEquals(object objA, object objB) ``` #### Parameters | Name | Type | Description | | ------ | --------- | ----------- | | `objA` | `object?` | - | | `objB` | `object?` | - | #### Returns Type: `bool` ### ToString Inherited from `object` #### Syntax ```csharp theme={"dark"} public virtual string ToString() ``` #### Returns Type: `string?` ### ValidateTokenAsync Validates a JWT token and returns the principal if valid. #### Syntax ```csharp theme={"dark"} public System.Threading.Tasks.Task ValidateTokenAsync(string token, System.Threading.CancellationToken cancellationToken = null) ``` #### Parameters | Name | Type | Description | | ------------------- | ------------------------------------ | --------------------------------------------- | | `token` | `string` | The JWT token to validate. | | `cancellationToken` | `System.Threading.CancellationToken` | A cancellation token to cancel the operation. | #### Returns Type: `System.Threading.Tasks.Task` A task that represents the asynchronous validation operation. The task result contains the claims principal if the token is valid, or null if invalid. ### ValidateTokenAsync Validates a JWT token with additional validation parameters. #### Syntax ```csharp theme={"dark"} public System.Threading.Tasks.Task ValidateTokenAsync(string token, System.Collections.Generic.Dictionary validationParameters, System.Threading.CancellationToken cancellationToken = null) ``` #### Parameters | Name | Type | Description | | ---------------------- | ------------------------------------------------------- | --------------------------------------------- | | `token` | `string` | The JWT token to validate. | | `validationParameters` | `System.Collections.Generic.Dictionary` | Additional validation parameters to apply. | | `cancellationToken` | `System.Threading.CancellationToken` | A cancellation token to cancel the operation. | #### Returns Type: `System.Threading.Tasks.Task` A task that represents the asynchronous validation operation. The task result contains the validation result. ## Related APIs * Microsoft.OData.Mcp.Authentication.Services.ITokenValidationService