Compartilhar via


Microsoft.IdentityModel.Tokens Namespace

Classes

AppCompatSwitches

Identifiers used for switching between different app compat behaviors within the Microsoft.IdentityModel libraries.

AsymmetricSecurityKey

Base class for a SecurityKey that contains Asymmetric key material.

AsymmetricSignatureProvider

Provides signature and verification operations for Asymmetric Algorithms using a SecurityKey.

AuthenticatedEncryptionProvider

Provides authenticated encryption and decryption services.

AuthenticatedEncryptionResult

Contains the results of Encrypt(Byte[], Byte[]) operation.

Base64UrlEncoder

Encodes and Decodes strings as base64url encoding.

BaseConfiguration

Represents a generic metadata configuration which is applicable for both XML and JSON based configurations.

BaseConfigurationManager

Represents a generic configuration manager.

CallContext

An opaque context used to store work when working with authentication artifacts.

CaseSensitiveClaimsIdentity

A derived ClaimsIdentity where claim retrieval is case-sensitive. The current ClaimsIdentity retrieves claims in a case-insensitive manner which is different than querying the underlying SecurityToken. The CaseSensitiveClaimsIdentity provides consistent retrieval logic between the SecurityToken and ClaimsIdentity.

CompressionAlgorithms

Constants for compression algorithms.

CompressionProviderFactory

Compression provider factory for compression and decompression.

CryptoProviderCache

Abstract definition of a cache for cryptographic providers.

CryptoProviderCacheOptions

Specifies the CryptoProviderCacheOptions which can be used to configure the internal cryptoprovider cache. We are using our own simple LRU caching implementation across all targets. See Microsoft.IdentityModel.Tokens.EventBasedLRUCache`2 for more details.

CryptoProviderFactory

Creates cryptographic operators by specifying a SecurityKey's and algorithms.

DateTimeUtil

Utility class for performing operations involving DateTime and TimeSpan.

DeflateCompressionProvider

A compression provider that supports compression and decompression using the Deflate algorithm.

EcdhKeyExchangeProvider

Provides a Security Key that can be used as Content Encryption Key (CEK) for use with a JWE

ECDsaSecurityKey

Represents a ECDsa security key.

EncryptingCredentials

A class for properties that are used for token encryption.

EpochTime

Returns the absolute DateTime or the Seconds since Unix Epoch, where Epoch is UTC 1970-01-01T0:0:0Z.

InMemoryCryptoProviderCache

Defines a cache for crypto providers. Current support is limited to SignatureProvider only.

JsonWebAlgorithmsKeyTypes

Constants for JsonWebAlgorithms "kty" Key Type (sec 6.1) https://datatracker.ietf.org/doc/html/rfc7518#section-6.1

JsonWebKey

Represents a JSON Web Key as defined in https://datatracker.ietf.org/doc/html/rfc7517.

JsonWebKeyConverter

Converts a SecurityKey into a JsonWebKey Supports: converting to a JsonWebKey from one of: RsaSecurityKey, X509SecurityKey, and SymmetricSecurityKey.

JsonWebKeyECTypes

Constants for JsonWebKey Elliptical Curve Types https://datatracker.ietf.org/doc/html/rfc7518#section-6.2.1.1

JsonWebKeyParameterNames

JsonWebKey parameter names see: https://datatracker.ietf.org/doc/html/rfc7517

JsonWebKeySet

Contains a collection of JsonWebKey that can be populated from a json string.

JsonWebKeySetParameterNames

Names for Json Web Key Set Values

JsonWebKeyUseNames

Constants for JsonWebKeyUse (sec 4.2) https://datatracker.ietf.org/doc/html/rfc7517#section-4.2

KeyWrapProvider

Provides Wrap and Unwrap key services.

RsaKeyWrapProvider

Provides RSA Wrap key and Unwrap key services.

RsaSecurityKey

Represents a Rsa security key.

SecurityAlgorithms

Constants for Security Algorithm.

SecurityKey

Base class for Security Key.

SecurityKeyIdentifierClause

Contains information about the keys inside the tokens.

SecurityToken

Base class for security token.

SecurityTokenArgumentException

Throw this exception when a received SecurityToken has invalid arguments.

SecurityTokenCompressionFailedException

Thrown when JWE compression fails.

SecurityTokenDecompressionFailedException

Thrown when JWE decompression fails.

SecurityTokenDecryptionFailedException

Represents a security token exception when decryption failed.

SecurityTokenDescriptor

Contains some information which used to create a security token.

SecurityTokenEncryptionFailedException

Represents a security token exception when encryption failed.

SecurityTokenEncryptionKeyNotFoundException

This exception is thrown when a security token contained a key identifier but the key was not found by the runtime when decrypting a token.

SecurityTokenException

Represents a security token exception.

SecurityTokenExpiredException

Throw this exception when a received Security Token has expiration time in the past.

SecurityTokenHandler

Defines the interface for a Security Token Handler.

SecurityTokenInvalidAlgorithmException

This exception is thrown when a cryptographic algorithm is invalid.

SecurityTokenInvalidAudienceException

This exception is thrown when 'audience' of a token was not valid.

SecurityTokenInvalidCloudInstanceException

This exception is thrown when the cloud instance of the signing key was not matched with the cloud instance from configuration.

SecurityTokenInvalidIssuerException

This exception is thrown when 'issuer' of a token was not valid.

SecurityTokenInvalidLifetimeException

This exception is thrown when 'lifetime' of a token was not valid.

SecurityTokenInvalidSignatureException

This exception is thrown when 'signature' of a token was not valid.

SecurityTokenInvalidSigningKeyException

Throw this exception when a received Security Token has an invalid issuer signing key.

SecurityTokenInvalidTypeException

This exception is thrown when the token type ('typ' header claim) of a JWT token is invalid.

SecurityTokenKeyWrapException

Represents a key wrap exception when encryption failed.

SecurityTokenMalformedException

Represents a SecurityToken exception when the token is malformed.

SecurityTokenNoExpirationException

This exception is thrown when a security is missing an ExpirationTime.

SecurityTokenNotYetValidException

Throw this exception when a received Security token has an effective time in the future.

SecurityTokenReplayAddFailedException

This exception is thrown when an add to the TokenReplayCache fails.

SecurityTokenReplayDetectedException

Throw this exception when a received Security Token has been replayed.

SecurityTokenSignatureKeyNotFoundException

This exception is thrown when a security token contained a key identifier but the key was not found by the runtime.

SecurityTokenUnableToValidateException

This exception is thrown when a security token contained a key identifier but the key was not found by the runtime and when validation errors exist over the security token. This exception is not intended to be used as a signal to refresh keys.

SecurityTokenValidationException

Represents a security token validation exception.

SignatureProvider

Provides signature services, signing and verifying.

SigningCredentials

Defines the SecurityKey, algorithm and digest for digital signatures.

SymmetricKeyWrapProvider

Provides Wrap and Unwrap key services.

SymmetricSecurityKey

Represents a symmetric security key.

SymmetricSignatureProvider

Provides signing and verifying operations using a SymmetricSecurityKey and specifying an algorithm.

TokenContext

An opaque context used to store work when working with authentication artifacts.

TokenHandler

Defines properties shared across all security token handlers.

TokenValidationParameters

Contains a set of parameters that are used by a SecurityTokenHandler when validating a SecurityToken.

TokenValidationResult

Contains artifacts obtained when a SecurityToken is validated. A SecurityTokenHandler returns an instance that captures the results of validating a token.

UniqueId

Generates unique IDs.

Utility

Contains some utility methods.

Validators

Partial class for Audience Validation.

X509EncryptingCredentials

An X509EncryptingCredentials designed to construct EncryptingCredentials based on a x509 certificate.

X509SecurityKey

An AsymmetricSecurityKey that is backed by a X509Certificate2

X509SigningCredentials

Defines the X509Certificate2, algorithm and digest for digital signatures.

Interfaces

ICompressionProvider

Provides methods for compressing and decompressing data.

ICryptoProvider

Provides extensibility for cryptographic operators. If custom operators are needed, CustomCryptoProvider can be set to return these operators. This property will be checked before each creation.

ISecurityTokenValidator

ISecurityTokenValidator

ITokenReplayCache

Interface that defines a simple cache for tacking replaying of security tokens.

Enums

PrivateKeyStatus

Enum for the existence of private key

ValidationFailure

The reason for being unable to validate

Delegates

AlgorithmValidator

Validates the cryptographic algorithm used.

AudienceValidator

Validates the audiences found in the security token.

IssuerSigningKeyResolver

Resolves the signing key used for validating a token's signature.

IssuerSigningKeyResolverUsingConfiguration

Resolves the signing key using additional configuration.

IssuerSigningKeyValidator

Validates the signing key used for the security token.

IssuerSigningKeyValidatorUsingConfiguration

Validates the signing key using additional configuration.

IssuerValidator

Validates the issuer of the security token.

IssuerValidatorUsingConfiguration

Validates the issuer using additional configuration.

LifetimeValidator

Validates the lifetime of the security token.

SignatureValidator

Validates the signature of the security token.

SignatureValidatorUsingConfiguration

Validates the signature using additional configuration.

TokenDecryptionKeyResolver

Resolves the decryption key for the security token.

TokenReader

Reads the security token.

TokenReplayValidator

Validates the replay of the security token.

TransformBeforeSignatureValidation

Transforms the security token before signature validation.

TypeValidator

Validates the type of the security token.