#1208 Clean up JWT and OIDC issuer handling

2017-06-28 10:50:52 -07:00 · 2017-06-28 10:50:52 -07:00 · 658f4621b1
parent 1c30f33c92
commit 658f4621b1
2 changed files with 8 additions and 19 deletions
--- a/src/Microsoft.AspNetCore.Authentication.JwtBearer/JwtBearerHandler.cs
+++ b/src/Microsoft.AspNetCore.Authentication.JwtBearer/JwtBearerHandler.cs
@ -90,17 +90,11 @@ namespace Microsoft.AspNetCore.Authentication.JwtBearer
                var validationParameters = Options.TokenValidationParameters.Clone();
                if (_configuration != null)
                {
-                    if (validationParameters.ValidIssuer == null && !string.IsNullOrEmpty(_configuration.Issuer))
-                    {
-                        validationParameters.ValidIssuer = _configuration.Issuer;
-                    }
-                    else
-                    {
-                        var issuers = new[] { _configuration.Issuer };
-                        validationParameters.ValidIssuers = (validationParameters.ValidIssuers == null ? issuers : validationParameters.ValidIssuers.Concat(issuers));
-                    }
+                    var issuers = new[] { _configuration.Issuer };
+                    validationParameters.ValidIssuers = validationParameters.ValidIssuers?.Concat(issuers) ?? issuers;

-                    validationParameters.IssuerSigningKeys = (validationParameters.IssuerSigningKeys == null ? _configuration.SigningKeys : validationParameters.IssuerSigningKeys.Concat(_configuration.SigningKeys));
+                    validationParameters.IssuerSigningKeys = validationParameters.IssuerSigningKeys?.Concat(_configuration.SigningKeys)
+                        ?? _configuration.SigningKeys;
                }

                List<Exception> validationFailures = null;
--- a/src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectHandler.cs
+++ b/src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectHandler.cs
@ -1137,16 +1137,11 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect

            if (_configuration != null)
            {
-                if (string.IsNullOrEmpty(validationParameters.ValidIssuer))
-                {
-                    validationParameters.ValidIssuer = _configuration.Issuer;
-                }
-                else if (!string.IsNullOrEmpty(_configuration.Issuer))
-                {
-                    validationParameters.ValidIssuers = validationParameters.ValidIssuers?.Concat(new[] { _configuration.Issuer }) ?? new[] { _configuration.Issuer };
-                }
+                var issuer = new[] { _configuration.Issuer };
+                validationParameters.ValidIssuers = validationParameters.ValidIssuers?.Concat(issuer) ?? issuer;

-                validationParameters.IssuerSigningKeys = validationParameters.IssuerSigningKeys?.Concat(_configuration.SigningKeys) ?? _configuration.SigningKeys;
+                validationParameters.IssuerSigningKeys = validationParameters.IssuerSigningKeys?.Concat(_configuration.SigningKeys)
+                    ?? _configuration.SigningKeys;
            }

            var principal = Options.SecurityTokenValidator.ValidateToken(idToken, validationParameters, out SecurityToken validatedToken);