1 //----------------------------------------------------------------------
3 // Copyright (c) Microsoft Corporation.
4 // All rights reserved.
6 // This code is licensed under the MIT License.
8 // Permission is hereby granted, free of charge, to any person obtaining a copy
9 // of this software and associated documentation files(the "Software"), to deal
10 // in the Software without restriction, including without limitation the rights
11 // to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
12 // copies of the Software, and to permit persons to whom the Software is
13 // furnished to do so, subject to the following conditions :
15 // The above copyright notice and this permission notice shall be included in
16 // all copies or substantial portions of the Software.
18 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.IN NO EVENT SHALL THE
21 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
23 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
26 //------------------------------------------------------------------------------
30 using System.Runtime.Serialization;
31 using System.Runtime.Serialization.Json;
33 namespace Microsoft.IdentityModel.Clients.ActiveDirectory
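/// <summary>
/// JSON member names of the id_token payload claims that <see cref="IdToken"/> binds to its
/// properties. Each constant is used as the <c>DataMember</c> name of the property that carries
/// the same identifier.
/// </summary>
/// <remarks>
/// These are member names only. Whether a value found under one of them can be trusted depends
/// on how the token was obtained and validated, which this type does not decide.
/// </remarks>
internal class IdTokenClaim
{
    // Identifiers of the signed-in principal and of its directory.
    public const string ObjectId = "oid";
    public const string Subject = "sub";
    public const string TenantId = "tid";

    // Human-readable attributes.
    // NOTE(review): UPN and e-mail values can be reassigned in a directory; prefer the
    // identifier claims above as the key for access decisions - confirm against the
    // issuer's claim documentation.
    public const string UPN = "upn";
    public const string Email = "email";
    public const string GivenName = "given_name";
    public const string FamilyName = "family_name";

    // Where the token says it came from.
    public const string IdentityProvider = "idp";
    public const string Issuer = "iss";

    // Password lifecycle hints carried in the token.
    public const string PasswordExpiration = "pwd_exp";
    public const string PasswordChangeUrl = "pwd_url";
}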
51 internal class IdToken
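// Claim-backed properties. Every member is declared IsRequired = false, so a payload that omits
// a claim still deserializes: the string properties are then left null and PasswordExpiration
// is left 0, which callers cannot tell apart from an explicit 0.
//
// NOTE(review): in the lines of Parse visible in this file, the payload segment is
// base64url-decoded and deserialized and the signature segment is never read. Treat these
// values as unverified unless the caller validated the token elsewhere or received it over a
// channel it already trusts - confirm against the call sites.

/// <summary>Value of the "oid" claim, or null when the payload has none.</summary>
[DataMember(Name = IdTokenClaim.ObjectId, IsRequired = false)]
public string ObjectId { get; set; }

/// <summary>Value of the "sub" claim, or null when the payload has none.</summary>
[DataMember(Name = IdTokenClaim.Subject, IsRequired = false)]
public string Subject { get; set; }

/// <summary>Value of the "tid" claim, or null when the payload has none.</summary>
[DataMember(Name = IdTokenClaim.TenantId, IsRequired = false)]
public string TenantId { get; set; }

/// <summary>Value of the "upn" claim, or null when the payload has none.</summary>
// NOTE(review): a UPN can be reassigned in a directory; prefer ObjectId with TenantId, or
// Subject, as the key for access decisions - confirm against the issuer's documentation.
[DataMember(Name = IdTokenClaim.UPN, IsRequired = false)]
public string UPN { get; set; }

/// <summary>Value of the "given_name" claim, or null when the payload has none.</summary>
[DataMember(Name = IdTokenClaim.GivenName, IsRequired = false)]
public string GivenName { get; set; }

/// <summary>Value of the "family_name" claim, or null when the payload has none.</summary>
[DataMember(Name = IdTokenClaim.FamilyName, IsRequired = false)]
public string FamilyName { get; set; }

/// <summary>Value of the "email" claim, or null when the payload has none.</summary>
// NOTE(review): same caveat as UPN - an e-mail address is not a stable identity key.
[DataMember(Name = IdTokenClaim.Email, IsRequired = false)]
public string Email { get; set; }

/// <summary>Value of the "pwd_exp" claim; 0 when the payload has none.</summary>
// NOTE(review): the unit and reference point of this number are not visible here - confirm
// at the call site before turning it into a date.
[DataMember(Name = IdTokenClaim.PasswordExpiration, IsRequired = false)]
public long PasswordExpiration { get; set; }

/// <summary>Value of the "pwd_url" claim, or null when the payload has none.</summary>
// NOTE(review): this URL is taken from the token payload; a caller that opens or redirects
// to it should check scheme and host first.
[DataMember(Name = IdTokenClaim.PasswordChangeUrl, IsRequired = false)]
public string PasswordChangeUrl { get; set; }

/// <summary>Value of the "idp" claim, or null when the payload has none.</summary>
[DataMember(Name = IdTokenClaim.IdentityProvider, IsRequired = false)]
public string IdentityProvider { get; set; }

/// <summary>Value of the "iss" claim, or null when the payload has none.</summary>
// NOTE(review): nothing in the visible code compares this value with the authority the
// caller expected; that comparison, if any, lives elsewhere.
[DataMember(Name = IdTokenClaim.Issuer, IsRequired = false)]
public string Issuer { get; set; }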
86 public static IdToken Parse(string idToken)
88 IdToken idTokenBody = null;
89 if (!string.IsNullOrWhiteSpace(idToken))
91 string[] idTokenSegments = idToken.Split(new[] { '.' });
93 // If Id token format is invalid, we silently ignore the id token
94 if (idTokenSegments.Length == 3)
98 byte[] idTokenBytes = Base64UrlEncoder.DecodeBytes(idTokenSegments[1]);
99 using (var stream = new MemoryStream(idTokenBytes))
101 var serializer = new DataContractJsonSerializer(typeof(IdToken));
102 idTokenBody = (IdToken)serializer.ReadObject(stream);
105 catch (SerializationException)
107 // We silently ignore the id token if exception occurs.
109 catch (ArgumentException)
111 // Again, we silently ignore the id token if exception occurs.