From f9134583e5001697d9f97043c90b842b768a00b3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20G=C3=A9lineau?= <ismael.gelineau@bimone.com>
Date: Wed, 17 Nov 2021 13:09:43 -0500
Subject: [PATCH 01/11] migrate to packageReference; upgrade xUnit

---
 .../AccessTokenValidation.Tests.csproj        | 97 ++++---------------
 .../packages.config                           | 22 -----
 .../AccessTokenValidation.csproj              | 58 +++--------
 source/AccessTokenValidation/packages.config  | 14 ---
 4 files changed, 33 insertions(+), 158 deletions(-)
 delete mode 100644 source/AccessTokenValidation.Tests/packages.config
 delete mode 100644 source/AccessTokenValidation/packages.config

diff --git a/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj b/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
index c6bac5a..ee742c7 100644
--- a/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
+++ b/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
@@ -1,6 +1,5 @@
 <?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="12.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <Import Project="..\packages\xunit.runner.visualstudio.2.1.0\build\net20\xunit.runner.visualstudio.props" Condition="Exists('..\packages\xunit.runner.visualstudio.2.1.0\build\net20\xunit.runner.visualstudio.props')" />
   <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -34,84 +33,16 @@
     <WarningLevel>4</WarningLevel>
   </PropertyGroup>
   <ItemGroup>
-    <Reference Include="FluentAssertions, Version=4.3.0.0, Culture=neutral, PublicKeyToken=33f2691a05b67b6a, processorArchitecture=MSIL">
-      <HintPath>..\packages\FluentAssertions.4.3.0\lib\net45\FluentAssertions.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="FluentAssertions.Core, Version=4.3.0.0, Culture=neutral, PublicKeyToken=33f2691a05b67b6a, processorArchitecture=MSIL">
-      <HintPath>..\packages\FluentAssertions.4.3.0\lib\net45\FluentAssertions.Core.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="IdentityModel, Version=1.0.0.0, Culture=neutral, processorArchitecture=MSIL">
-      <HintPath>..\packages\IdentityModel.1.9.2\lib\net45\IdentityModel.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="Microsoft.Owin, Version=3.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Owin.3.0.1\lib\net45\Microsoft.Owin.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="Microsoft.Owin.Security, Version=3.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Owin.Security.3.0.1\lib\net45\Microsoft.Owin.Security.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="Microsoft.Owin.Security.Jwt, Version=3.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Owin.Security.Jwt.3.0.1\lib\net45\Microsoft.Owin.Security.Jwt.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="Microsoft.Owin.Security.OAuth, Version=3.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Owin.Security.OAuth.3.0.1\lib\net45\Microsoft.Owin.Security.OAuth.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="Moq, Version=4.2.1510.2205, Culture=neutral, PublicKeyToken=69f491c39445e920, processorArchitecture=MSIL">
-      <HintPath>..\packages\Moq.4.2.1510.2205\lib\net40\Moq.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="Newtonsoft.Json, Version=8.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
-      <HintPath>..\packages\Newtonsoft.Json.8.0.3\lib\net45\Newtonsoft.Json.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="Owin, Version=1.0.0.0, Culture=neutral, PublicKeyToken=f0ebd12fd5e55cc5, processorArchitecture=MSIL">
-      <SpecificVersion>False</SpecificVersion>
-      <HintPath>..\packages\Owin.1.0\lib\net40\Owin.dll</HintPath>
-    </Reference>
-    <Reference Include="OwinHttpMessageHandler, Version=1.3.4.0, Culture=neutral, processorArchitecture=MSIL">
-      <HintPath>..\packages\OwinHttpMessageHandler.1.3.4\lib\net45\OwinHttpMessageHandler.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
     <Reference Include="System" />
     <Reference Include="System.Core" />
     <Reference Include="System.IdentityModel" />
-    <Reference Include="System.IdentityModel.Tokens.Jwt, Version=4.0.20622.1351, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\System.IdentityModel.Tokens.Jwt.4.0.2.206221351\lib\net45\System.IdentityModel.Tokens.Jwt.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
     <Reference Include="System.Net.Http" />
-    <Reference Include="System.Net.Http.Formatting, Version=5.2.3.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.AspNet.WebApi.Client.5.2.3\lib\net45\System.Net.Http.Formatting.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
     <Reference Include="System.Net.Http.WebRequest" />
     <Reference Include="System.Xml.Linq" />
     <Reference Include="System.Data.DataSetExtensions" />
     <Reference Include="Microsoft.CSharp" />
     <Reference Include="System.Data" />
     <Reference Include="System.Xml" />
-    <Reference Include="xunit.abstractions, Version=2.0.0.0, Culture=neutral, PublicKeyToken=8d05b1bb7a6fdb6c, processorArchitecture=MSIL">
-      <HintPath>..\packages\xunit.abstractions.2.0.0\lib\net35\xunit.abstractions.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="xunit.assert, Version=2.1.0.3179, Culture=neutral, PublicKeyToken=8d05b1bb7a6fdb6c, processorArchitecture=MSIL">
-      <HintPath>..\packages\xunit.assert.2.1.0\lib\dotnet\xunit.assert.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="xunit.core, Version=2.1.0.3179, Culture=neutral, PublicKeyToken=8d05b1bb7a6fdb6c, processorArchitecture=MSIL">
-      <HintPath>..\packages\xunit.extensibility.core.2.1.0\lib\dotnet\xunit.core.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="xunit.execution.desktop, Version=2.1.0.3179, Culture=neutral, PublicKeyToken=8d05b1bb7a6fdb6c, processorArchitecture=MSIL">
-      <HintPath>..\packages\xunit.extensibility.execution.2.1.0\lib\net45\xunit.execution.desktop.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
   </ItemGroup>
   <ItemGroup>
     <Compile Include="InMemoryClaimsCacheTests.cs" />
@@ -134,7 +65,6 @@
   </ItemGroup>
   <ItemGroup>
     <None Include="app.config" />
-    <None Include="packages.config" />
     <EmbeddedResource Include="Util\idsrv3test.pfx" />
   </ItemGroup>
   <ItemGroup>
@@ -146,14 +76,27 @@
   <ItemGroup>
     <Service Include="{82A7F48D-3B50-4B1E-B82E-3ADA8210C358}" />
   </ItemGroup>
-  <ItemGroup />
+  <ItemGroup>
+    <PackageReference Include="FluentAssertions" Version="4.3.0" />
+    <PackageReference Include="IdentityModel" Version="1.9.2" />
+    <PackageReference Include="Microsoft.AspNet.WebApi.Client" Version="5.2.3" />
+    <PackageReference Include="Microsoft.Owin" Version="3.0.1" />
+    <PackageReference Include="Microsoft.Owin.Security" Version="3.0.1" />
+    <PackageReference Include="Microsoft.Owin.Security.Jwt" Version="3.0.1" />
+    <PackageReference Include="Microsoft.Owin.Security.OAuth" Version="3.0.1" />
+    <PackageReference Include="Moq" Version="4.2.1510.2205" />
+    <PackageReference Include="Newtonsoft.Json" Version="8.0.3" />
+    <PackageReference Include="Owin" Version="1.0.0" />
+    <PackageReference Include="OwinHttpMessageHandler" Version="1.3.4" />
+    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="4.0.2.206221351" />
+    <PackageReference Include="xunit" Version="2.4.1" />
+    <PackageReference Include="xunit.extensibility.core" Version="2.4.1" />
+    <PackageReference Include="xunit.runner.visualstudio" Version="2.4.3">
+      <PrivateAssets>all</PrivateAssets>
+      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+    </PackageReference>
+  </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
-  <Target Name="EnsureNuGetPackageBuildImports" BeforeTargets="PrepareForBuild">
-    <PropertyGroup>
-      <ErrorText>This project references NuGet package(s) that are missing on this computer. Use NuGet Package Restore to download them.  For more information, see http://go.microsoft.com/fwlink/?LinkID=322105. The missing file is {0}.</ErrorText>
-    </PropertyGroup>
-    <Error Condition="!Exists('..\packages\xunit.runner.visualstudio.2.1.0\build\net20\xunit.runner.visualstudio.props')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\xunit.runner.visualstudio.2.1.0\build\net20\xunit.runner.visualstudio.props'))" />
-  </Target>
   <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
        Other similar extension points exist, see Microsoft.Common.targets.
   <Target Name="BeforeBuild">
diff --git a/source/AccessTokenValidation.Tests/packages.config b/source/AccessTokenValidation.Tests/packages.config
deleted file mode 100644
index 472d8e2..0000000
--- a/source/AccessTokenValidation.Tests/packages.config
+++ /dev/null
@@ -1,22 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<packages>
-  <package id="FluentAssertions" version="4.3.0" targetFramework="net45" />
-  <package id="IdentityModel" version="1.9.2" targetFramework="net45" />
-  <package id="Microsoft.AspNet.WebApi.Client" version="5.2.3" targetFramework="net45" />
-  <package id="Microsoft.Owin" version="3.0.1" targetFramework="net45" />
-  <package id="Microsoft.Owin.Security" version="3.0.1" targetFramework="net45" />
-  <package id="Microsoft.Owin.Security.Jwt" version="3.0.1" targetFramework="net45" />
-  <package id="Microsoft.Owin.Security.OAuth" version="3.0.1" targetFramework="net45" />
-  <package id="Moq" version="4.2.1510.2205" targetFramework="net45" />
-  <package id="Newtonsoft.Json" version="8.0.3" targetFramework="net45" />
-  <package id="Owin" version="1.0" targetFramework="net45" />
-  <package id="OwinHttpMessageHandler" version="1.3.4" targetFramework="net45" />
-  <package id="System.IdentityModel.Tokens.Jwt" version="4.0.2.206221351" targetFramework="net45" />
-  <package id="xunit" version="2.1.0" targetFramework="net45" />
-  <package id="xunit.abstractions" version="2.0.0" targetFramework="net45" />
-  <package id="xunit.assert" version="2.1.0" targetFramework="net45" />
-  <package id="xunit.core" version="2.1.0" targetFramework="net45" />
-  <package id="xunit.extensibility.core" version="2.1.0" targetFramework="net45" />
-  <package id="xunit.extensibility.execution" version="2.1.0" targetFramework="net45" />
-  <package id="xunit.runner.visualstudio" version="2.1.0" targetFramework="net45" />
-</packages>
\ No newline at end of file
diff --git a/source/AccessTokenValidation/AccessTokenValidation.csproj b/source/AccessTokenValidation/AccessTokenValidation.csproj
index 1387153..8f55127 100644
--- a/source/AccessTokenValidation/AccessTokenValidation.csproj
+++ b/source/AccessTokenValidation/AccessTokenValidation.csproj
@@ -32,54 +32,10 @@
     <DocumentationFile>..\..\build\IdentityServer3.AccessTokenValidation.xml</DocumentationFile>
   </PropertyGroup>
   <ItemGroup>
-    <Reference Include="IdentityModel, Version=1.0.0.0, Culture=neutral, processorArchitecture=MSIL">
-      <HintPath>..\packages\IdentityModel.1.9.2\lib\net45\IdentityModel.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="Microsoft.IdentityModel.Protocol.Extensions, Version=1.0.2.33, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.IdentityModel.Protocol.Extensions.1.0.2.206221351\lib\net45\Microsoft.IdentityModel.Protocol.Extensions.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="Microsoft.Owin, Version=3.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Owin.3.0.1\lib\net45\Microsoft.Owin.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="Microsoft.Owin.Security, Version=3.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Owin.Security.3.0.1\lib\net45\Microsoft.Owin.Security.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="Microsoft.Owin.Security.Jwt, Version=3.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Owin.Security.Jwt.3.0.1\lib\net45\Microsoft.Owin.Security.Jwt.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="Microsoft.Owin.Security.OAuth, Version=3.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\Microsoft.Owin.Security.OAuth.3.0.1\lib\net45\Microsoft.Owin.Security.OAuth.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="Moq, Version=4.2.1510.2205, Culture=neutral, PublicKeyToken=69f491c39445e920, processorArchitecture=MSIL">
-      <HintPath>..\packages\Moq.4.2.1510.2205\lib\net40\Moq.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="Newtonsoft.Json, Version=8.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
-      <HintPath>..\packages\Newtonsoft.Json.8.0.3\lib\net45\Newtonsoft.Json.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="Owin, Version=1.0.0.0, Culture=neutral, PublicKeyToken=f0ebd12fd5e55cc5, processorArchitecture=MSIL">
-      <HintPath>..\packages\Owin.1.0\lib\net40\Owin.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
     <Reference Include="System" />
     <Reference Include="System.Core" />
     <Reference Include="System.IdentityModel" />
-    <Reference Include="System.IdentityModel.Tokens.Jwt, Version=4.0.20622.1351, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\packages\System.IdentityModel.Tokens.Jwt.4.0.2.206221351\lib\net45\System.IdentityModel.Tokens.Jwt.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
     <Reference Include="System.Net.Http" />
-    <Reference Include="System.Net.Http.Formatting, Version=5.2.3.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <SpecificVersion>False</SpecificVersion>
-      <HintPath>..\packages\Microsoft.AspNet.WebApi.Client.5.2.3\lib\net45\System.Net.Http.Formatting.dll</HintPath>
-    </Reference>
     <Reference Include="System.Net.Http.WebRequest" />
     <Reference Include="System.Runtime.Caching" />
     <Reference Include="System.Xml.Linq" />
@@ -117,7 +73,19 @@
       <Link>default.licenseheader</Link>
     </None>
     <None Include="app.config" />
-    <None Include="packages.config" />
+  </ItemGroup>
+  <ItemGroup>
+    <PackageReference Include="IdentityModel" Version="1.9.2" />
+    <PackageReference Include="Microsoft.AspNet.WebApi.Client" Version="5.2.3" />
+    <PackageReference Include="Microsoft.IdentityModel.Protocol.Extensions" Version="1.0.2.206221351" />
+    <PackageReference Include="Microsoft.Owin" Version="3.0.1" />
+    <PackageReference Include="Microsoft.Owin.Security" Version="3.0.1" />
+    <PackageReference Include="Microsoft.Owin.Security.Jwt" Version="3.0.1" />
+    <PackageReference Include="Microsoft.Owin.Security.OAuth" Version="3.0.1" />
+    <PackageReference Include="Moq" Version="4.2.1510.2205" />
+    <PackageReference Include="Newtonsoft.Json" Version="8.0.3" />
+    <PackageReference Include="Owin" Version="1.0.0" />
+    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="4.0.2.206221351" />
   </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
diff --git a/source/AccessTokenValidation/packages.config b/source/AccessTokenValidation/packages.config
deleted file mode 100644
index 2578a68..0000000
--- a/source/AccessTokenValidation/packages.config
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<packages>
-  <package id="IdentityModel" version="1.9.2" targetFramework="net45" />
-  <package id="Microsoft.AspNet.WebApi.Client" version="5.2.3" targetFramework="net45" />
-  <package id="Microsoft.IdentityModel.Protocol.Extensions" version="1.0.2.206221351" targetFramework="net45" />
-  <package id="Microsoft.Owin" version="3.0.1" targetFramework="net45" />
-  <package id="Microsoft.Owin.Security" version="3.0.1" targetFramework="net45" />
-  <package id="Microsoft.Owin.Security.Jwt" version="3.0.1" targetFramework="net45" />
-  <package id="Microsoft.Owin.Security.OAuth" version="3.0.1" targetFramework="net45" />
-  <package id="Moq" version="4.2.1510.2205" targetFramework="net45" />
-  <package id="Newtonsoft.Json" version="8.0.3" targetFramework="net45" />
-  <package id="Owin" version="1.0" targetFramework="net45" />
-  <package id="System.IdentityModel.Tokens.Jwt" version="4.0.2.206221351" targetFramework="net45" />
-</packages>
\ No newline at end of file

From b19af43f975c44480b89128c137413fc0271df94 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20G=C3=A9lineau?= <ismael.gelineau@bimone.com>
Date: Wed, 17 Nov 2021 13:17:20 -0500
Subject: [PATCH 02/11] cleanup redundant packages in Test project

---
 .../AccessTokenValidation.Tests.csproj                   | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj b/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
index ee742c7..e6d94bf 100644
--- a/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
+++ b/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
@@ -78,17 +78,8 @@
   </ItemGroup>
   <ItemGroup>
     <PackageReference Include="FluentAssertions" Version="4.3.0" />
-    <PackageReference Include="IdentityModel" Version="1.9.2" />
-    <PackageReference Include="Microsoft.AspNet.WebApi.Client" Version="5.2.3" />
-    <PackageReference Include="Microsoft.Owin" Version="3.0.1" />
-    <PackageReference Include="Microsoft.Owin.Security" Version="3.0.1" />
-    <PackageReference Include="Microsoft.Owin.Security.Jwt" Version="3.0.1" />
-    <PackageReference Include="Microsoft.Owin.Security.OAuth" Version="3.0.1" />
     <PackageReference Include="Moq" Version="4.2.1510.2205" />
-    <PackageReference Include="Newtonsoft.Json" Version="8.0.3" />
-    <PackageReference Include="Owin" Version="1.0.0" />
     <PackageReference Include="OwinHttpMessageHandler" Version="1.3.4" />
-    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="4.0.2.206221351" />
     <PackageReference Include="xunit" Version="2.4.1" />
     <PackageReference Include="xunit.extensibility.core" Version="2.4.1" />
     <PackageReference Include="xunit.runner.visualstudio" Version="2.4.3">

From 9a626b70412afa5a7bea054d9934072a33b4cc01 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20G=C3=A9lineau?= <ismael.gelineau@bimone.com>
Date: Wed, 17 Nov 2021 13:21:05 -0500
Subject: [PATCH 03/11] targetFramework 4.8

---
 .../AccessTokenValidation.Tests.csproj                        | 4 ++--
 source/AccessTokenValidation/AccessTokenValidation.csproj     | 3 +--
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj b/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
index e6d94bf..bd8648e 100644
--- a/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
+++ b/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
@@ -9,7 +9,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>AccessTokenValidation.Tests</RootNamespace>
     <AssemblyName>AccessTokenValidation.Tests</AssemblyName>
-    <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <TargetFrameworkProfile />
     <NuGetPackageImportStamp>
@@ -79,7 +79,7 @@
   <ItemGroup>
     <PackageReference Include="FluentAssertions" Version="4.3.0" />
     <PackageReference Include="Moq" Version="4.2.1510.2205" />
-    <PackageReference Include="OwinHttpMessageHandler" Version="1.3.4" />
+    <PackageReference Include="OwinHttpMessageHandler" Version="2.0.2" />
     <PackageReference Include="xunit" Version="2.4.1" />
     <PackageReference Include="xunit.extensibility.core" Version="2.4.1" />
     <PackageReference Include="xunit.runner.visualstudio" Version="2.4.3">
diff --git a/source/AccessTokenValidation/AccessTokenValidation.csproj b/source/AccessTokenValidation/AccessTokenValidation.csproj
index 8f55127..f32239a 100644
--- a/source/AccessTokenValidation/AccessTokenValidation.csproj
+++ b/source/AccessTokenValidation/AccessTokenValidation.csproj
@@ -9,7 +9,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>IdentityServer3.AccessTokenValidation</RootNamespace>
     <AssemblyName>IdentityServer3.AccessTokenValidation</AssemblyName>
-    <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
@@ -79,7 +79,6 @@
     <PackageReference Include="Microsoft.AspNet.WebApi.Client" Version="5.2.3" />
     <PackageReference Include="Microsoft.IdentityModel.Protocol.Extensions" Version="1.0.2.206221351" />
     <PackageReference Include="Microsoft.Owin" Version="3.0.1" />
-    <PackageReference Include="Microsoft.Owin.Security" Version="3.0.1" />
     <PackageReference Include="Microsoft.Owin.Security.Jwt" Version="3.0.1" />
     <PackageReference Include="Microsoft.Owin.Security.OAuth" Version="3.0.1" />
     <PackageReference Include="Moq" Version="4.2.1510.2205" />

From 6c7415f974ea306da00c4dca1b6fbabf2dbe578a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20G=C3=A9lineau?= <ismael.gelineau@bimone.com>
Date: Wed, 17 Nov 2021 17:47:35 -0500
Subject: [PATCH 04/11] upgrade Owin packages, and other related packages to
 version 4.2. Includes fixing the breaking changes, regenerating the test
 certificate to be able to support a modern algorithm. Fix tests.

---
 .../AccessTokenValidation.Tests.csproj        |   3 +-
 .../InMemoryClaimsCacheTests.cs               |   4 +-
 .../Integration Tests/DynamicBoth.cs          |   1 +
 .../Integration Tests/DynamicLocal.cs         |   8 +-
 .../Integration Tests/Introspection.cs        |   2 +-
 .../Integration Tests/ResponseHeaders.cs      |  32 ++++----
 .../Integration Tests/StaticBoth.cs           |   5 +-
 .../Integration Tests/StaticLocal.cs          |   2 +-
 .../Integration Tests/TokenProvider.cs        |   5 +-
 .../AccessTokenValidation.Tests/Util/Cert.cs  |   2 +-
 .../Util/TokenFactory.cs                      |  22 +++---
 .../Util/idsrv3test.pfx                       | Bin 3395 -> 2638 bytes
 .../AccessTokenValidation.csproj              |  17 ++---
 ...yServerBearerTokenAuthenticationOptions.cs |   2 +-
 ...arerTokenValidationAppBuilderExtensions.cs |  69 ++++++++++--------
 ...veryDocumentIssuerSecurityTokenProvider.cs |  39 +++-------
 .../IntrospectionEndpointTokenProvider.cs     |  39 +++++-----
 .../ValidationEndpointTokenProvider.cs        |   2 +-
 18 files changed, 122 insertions(+), 132 deletions(-)

diff --git a/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj b/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
index bd8648e..bc58fc3 100644
--- a/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
+++ b/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
@@ -77,7 +77,8 @@
     <Service Include="{82A7F48D-3B50-4B1E-B82E-3ADA8210C358}" />
   </ItemGroup>
   <ItemGroup>
-    <PackageReference Include="FluentAssertions" Version="4.3.0" />
+    <PackageReference Include="FluentAssertions" Version="6.2.0" />
+    <PackageReference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="6.14.1" />
     <PackageReference Include="Moq" Version="4.2.1510.2205" />
     <PackageReference Include="OwinHttpMessageHandler" Version="2.0.2" />
     <PackageReference Include="xunit" Version="2.4.1" />
diff --git a/source/AccessTokenValidation.Tests/InMemoryClaimsCacheTests.cs b/source/AccessTokenValidation.Tests/InMemoryClaimsCacheTests.cs
index 0db91b2..4de1363 100644
--- a/source/AccessTokenValidation.Tests/InMemoryClaimsCacheTests.cs
+++ b/source/AccessTokenValidation.Tests/InMemoryClaimsCacheTests.cs
@@ -49,7 +49,7 @@ public void WhenTokenExpiryClaimExpiresBeforeClaimsCacheDuration_CacheExpiry_Sho
 			Arrange(() =>
 				{
 					// mimic the DateTimeOffset rounding that happens via serialisation/deserialisation in the actual implementation
-					ExpectedCacheExpiry = ExpiryClaimSaysTokenExpiresAt.ToEpochTime().ToDateTimeOffsetFromEpoch(); 
+					ExpectedCacheExpiry = ExpiryClaimSaysTokenExpiresAt.ToUnixTimeSeconds().ToDateTimeFromEpoch(); 
 				});
 
 			// act
@@ -84,7 +84,7 @@ void Arrange(Action specifyExpectedCacheExpiry) {
 			CacheExpiryEvictsTokenAt = _clock.UtcNow.Add(_options.ValidationResultCacheDuration);
 			
 			// setup claims to include expiry claim
-			Claims = new[] {new Claim("bar","baz"), new Claim(ClaimTypes.Expiration,ExpiryClaimSaysTokenExpiresAt.ToEpochTime().ToString()) };
+			Claims = new[] {new Claim("bar","baz"), new Claim(ClaimTypes.Expiration,ExpiryClaimSaysTokenExpiresAt.ToUnixTimeSeconds().ToString()) };
 
 			specifyExpectedCacheExpiry();
 
diff --git a/source/AccessTokenValidation.Tests/Integration Tests/DynamicBoth.cs b/source/AccessTokenValidation.Tests/Integration Tests/DynamicBoth.cs
index 0620cef..bff748e 100644
--- a/source/AccessTokenValidation.Tests/Integration Tests/DynamicBoth.cs	
+++ b/source/AccessTokenValidation.Tests/Integration Tests/DynamicBoth.cs	
@@ -4,6 +4,7 @@
 using System.Net;
 using System.Net.Http;
 using System.Threading.Tasks;
+using IdentityModel.Client;
 using Xunit;
 
 namespace AccessTokenValidation.Tests.Integration_Tests
diff --git a/source/AccessTokenValidation.Tests/Integration Tests/DynamicLocal.cs b/source/AccessTokenValidation.Tests/Integration Tests/DynamicLocal.cs
index edae5d9..0da7cc7 100644
--- a/source/AccessTokenValidation.Tests/Integration Tests/DynamicLocal.cs	
+++ b/source/AccessTokenValidation.Tests/Integration Tests/DynamicLocal.cs	
@@ -3,8 +3,8 @@
 using FluentAssertions;
 using IdentityServer3.AccessTokenValidation;
 using System.Net;
-using System.Net.Http;
 using System.Threading.Tasks;
+using IdentityModel.Client;
 using Xunit;
 
 namespace AccessTokenValidation.Tests.Integration_Tests
@@ -29,11 +29,9 @@ public async Task WhenDelayLoadMetadataIsTrue_MetadataRetrievalIsRetriedAfterFai
             client.SetBearerToken(token);
 
             Func<Task> action = async () => await client.GetAsync("http://test");
-            action.
-                ShouldThrow<InvalidOperationException>().
-                And.
-                Message.Should().Contain("IDX10803"); // IDX10803: Unable to create to obtain configuration from: https://discodoc
 
+            Assert.ThrowsAsync<InvalidOperationException>(action)
+                .Result.Message.Should().Contain("IDX20803"); // IDX20803: Unable to create to obtain configuration from: https://discodoc
             _options.BackchannelHttpHandler = new DiscoveryEndpointHandler();
 
             var result = await client.GetAsync("http://test");
diff --git a/source/AccessTokenValidation.Tests/Integration Tests/Introspection.cs b/source/AccessTokenValidation.Tests/Integration Tests/Introspection.cs
index a4d5ca6..9d0cd57 100644
--- a/source/AccessTokenValidation.Tests/Integration Tests/Introspection.cs	
+++ b/source/AccessTokenValidation.Tests/Integration Tests/Introspection.cs	
@@ -2,8 +2,8 @@
 using FluentAssertions;
 using IdentityServer3.AccessTokenValidation;
 using System.Net;
-using System.Net.Http;
 using System.Threading.Tasks;
+using IdentityModel.Client;
 using Xunit;
 
 namespace AccessTokenValidation.Tests.Integration_Tests
diff --git a/source/AccessTokenValidation.Tests/Integration Tests/ResponseHeaders.cs b/source/AccessTokenValidation.Tests/Integration Tests/ResponseHeaders.cs
index 8ca683c..3ecb53b 100644
--- a/source/AccessTokenValidation.Tests/Integration Tests/ResponseHeaders.cs	
+++ b/source/AccessTokenValidation.Tests/Integration Tests/ResponseHeaders.cs	
@@ -3,44 +3,46 @@
 using IdentityServer3.AccessTokenValidation;
 using Owin;
 using System;
-using System.Net;
 using System.Net.Http;
+using System.Net.Http.Headers;
 using System.Security.Cryptography.X509Certificates;
 using System.Threading.Tasks;
+using IdentityModel.Client;
 using Xunit;
 
 namespace AccessTokenValidation.Tests.Integration_Tests
 {
     public class ResponseHeaders
     {
-        IdentityServerBearerTokenAuthenticationOptions _options = new IdentityServerBearerTokenAuthenticationOptions
+        private readonly IdentityServerBearerTokenAuthenticationOptions _options = new IdentityServerBearerTokenAuthenticationOptions
         {
             IssuerName = TokenFactory.DefaultIssuer,
             SigningCertificate = new X509Certificate2(Convert.FromBase64String(TokenFactory.DefaultPublicKey)),
             ValidationMode = ValidationMode.Local,
-            RequiredScopes = new string[] { TokenFactory.Api2Scope }
+            RequiredScopes = new[] { TokenFactory.Api2Scope }
         };
 
         [Fact]
         public async Task WhenCorsHeadersAreAlreadySetOnTheResponse_LeavesThemAsIs()
         {
+            X509Certificate2 cert;
             var client = PipelineFactory.CreateHttpClient(_options, x =>
-            {
-                x.Use(async (context, next) =>
-                {
-                    context.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "ACAO Value" });
-                    context.Response.Headers.Add("Access-Control-Allow-Method", new[] { "ACAM Value" });
-                    context.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "ACAH Value" });
+                                                                    {
+                                                                        x.Use(async (context, next) =>
+                                                                              {
+                                                                                  context.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "ACAO Value" });
+                                                                                  context.Response.Headers.Add("Access-Control-Allow-Method", new[] { "ACAM Value" });
+                                                                                  context.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "ACAH Value" });
 
-                    await next();
-                });
-            });
+                                                                                  await next();
+                                                                              });
+                                                                    });
 
-            var token = TokenFactory.CreateTokenString(TokenFactory.CreateToken(scope: new string[] { TokenFactory.Api1Scope }));
+            string token = TokenFactory.CreateTokenString(TokenFactory.CreateToken(scope: new[] { TokenFactory.Api1Scope }));
             client.SetBearerToken(token);
 
-            var result = await client.GetAsync("http://test");
-            var responseHeaders = result.Headers;
+            HttpResponseMessage result = await client.GetAsync("http://test");
+            HttpResponseHeaders responseHeaders = result.Headers;
 
             responseHeaders.GetValues("Access-Control-Allow-Origin").Should().BeEquivalentTo("ACAO Value");
             responseHeaders.GetValues("Access-Control-Allow-Method").Should().BeEquivalentTo("ACAM Value");
diff --git a/source/AccessTokenValidation.Tests/Integration Tests/StaticBoth.cs b/source/AccessTokenValidation.Tests/Integration Tests/StaticBoth.cs
index ac28b1c..67e7ec1 100644
--- a/source/AccessTokenValidation.Tests/Integration Tests/StaticBoth.cs	
+++ b/source/AccessTokenValidation.Tests/Integration Tests/StaticBoth.cs	
@@ -6,6 +6,7 @@
 using System.Net.Http;
 using System.Security.Cryptography.X509Certificates;
 using System.Threading.Tasks;
+using IdentityModel.Client;
 using Xunit;
 
 namespace AccessTokenValidation.Tests.Integration_Tests
@@ -71,8 +72,8 @@ public async Task JWT_Sent_Api1_Scope_Api1_ScopeRequirements()
         {
             _options.RequiredScopes = new[] { TokenFactory.Api1Scope };
 
-            var client = PipelineFactory.CreateHttpClient(_options);
-            var token = TokenFactory.CreateTokenString(
+            HttpClient client = PipelineFactory.CreateHttpClient(_options);
+            string token = TokenFactory.CreateTokenString(
                 TokenFactory.CreateToken(scope: new[] { TokenFactory.Api1Scope }));
 
             client.SetBearerToken(token);
diff --git a/source/AccessTokenValidation.Tests/Integration Tests/StaticLocal.cs b/source/AccessTokenValidation.Tests/Integration Tests/StaticLocal.cs
index 5d261b7..76a70d4 100644
--- a/source/AccessTokenValidation.Tests/Integration Tests/StaticLocal.cs	
+++ b/source/AccessTokenValidation.Tests/Integration Tests/StaticLocal.cs	
@@ -3,9 +3,9 @@
 using IdentityServer3.AccessTokenValidation;
 using System;
 using System.Net;
-using System.Net.Http;
 using System.Security.Cryptography.X509Certificates;
 using System.Threading.Tasks;
+using IdentityModel.Client;
 using Xunit;
 
 namespace AccessTokenValidation.Tests.Integration_Tests
diff --git a/source/AccessTokenValidation.Tests/Integration Tests/TokenProvider.cs b/source/AccessTokenValidation.Tests/Integration Tests/TokenProvider.cs
index ce71916..818471f 100644
--- a/source/AccessTokenValidation.Tests/Integration Tests/TokenProvider.cs	
+++ b/source/AccessTokenValidation.Tests/Integration Tests/TokenProvider.cs	
@@ -1,16 +1,13 @@
 using AccessTokenValidation.Tests.Util;
 using IdentityServer3.AccessTokenValidation;
 using System;
-using System.Collections.Generic;
-using System.Linq;
 using System.Security.Cryptography.X509Certificates;
-using System.Text;
 using System.Threading.Tasks;
 using Xunit;
 using FluentAssertions;
 using Microsoft.Owin.Security.OAuth;
 using System.Net;
-using System.Net.Http;
+using IdentityModel.Client;
 
 namespace AccessTokenValidation.Tests.Integration_Tests
 {
diff --git a/source/AccessTokenValidation.Tests/Util/Cert.cs b/source/AccessTokenValidation.Tests/Util/Cert.cs
index 281ce96..867b69c 100644
--- a/source/AccessTokenValidation.Tests/Util/Cert.cs
+++ b/source/AccessTokenValidation.Tests/Util/Cert.cs
@@ -16,7 +16,7 @@ public static X509Certificate2 Load()
 
         private static byte[] ReadStream(Stream input)
         {
-            var buffer = new byte[16 * 1024];
+            byte[] buffer = new byte[16 * 1024];
             using (var ms = new MemoryStream())
             {
                 int read;
diff --git a/source/AccessTokenValidation.Tests/Util/TokenFactory.cs b/source/AccessTokenValidation.Tests/Util/TokenFactory.cs
index 9e4515a..2ebdc6b 100644
--- a/source/AccessTokenValidation.Tests/Util/TokenFactory.cs
+++ b/source/AccessTokenValidation.Tests/Util/TokenFactory.cs
@@ -1,18 +1,19 @@
 using IdentityModel;
 using System;
 using System.Collections.Generic;
-using System.IdentityModel.Tokens;
+using System.IdentityModel.Tokens.Jwt;
 using System.Linq;
 using System.Security.Claims;
 using System.Security.Cryptography.X509Certificates;
+using Microsoft.IdentityModel.Tokens;
 
 namespace AccessTokenValidation.Tests.Util
 {
-    static class TokenFactory
+    internal static class TokenFactory
     {
         public const string DefaultIssuer = "https://issuer";
         public const string DefaultAudience = "https://issuer/resources";
-        public const string DefaultPublicKey = "MIIDBTCCAfGgAwIBAgIQNQb+T2ncIrNA6cKvUA1GWTAJBgUrDgMCHQUAMBIxEDAOBgNVBAMTB0RldlJvb3QwHhcNMTAwMTIwMjIwMDAwWhcNMjAwMTIwMjIwMDAwWjAVMRMwEQYDVQQDEwppZHNydjN0ZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnTksBdxOiOlsmRNd+mMS2M3o1IDpK4uAr0T4/YqO3zYHAGAWTwsq4ms+NWynqY5HaB4EThNxuq2GWC5JKpO1YirOrwS97B5x9LJyHXPsdJcSikEI9BxOkl6WLQ0UzPxHdYTLpR4/O+0ILAlXw8NU4+jB4AP8Sn9YGYJ5w0fLw5YmWioXeWvocz1wHrZdJPxS8XnqHXwMUozVzQj+x6daOv5FmrHU1r9/bbp0a1GLv4BbTtSh4kMyz1hXylho0EvPg5p9YIKStbNAW9eNWvv5R8HN7PPei21AsUqxekK0oW9jnEdHewckToX7x5zULWKwwZIksll0XnVczVgy7fCFwIDAQABo1wwWjATBgNVHSUEDDAKBggrBgEFBQcDATBDBgNVHQEEPDA6gBDSFgDaV+Q2d2191r6A38tBoRQwEjEQMA4GA1UEAxMHRGV2Um9vdIIQLFk7exPNg41NRNaeNu0I9jAJBgUrDgMCHQUAA4IBAQBUnMSZxY5xosMEW6Mz4WEAjNoNv2QvqNmk23RMZGMgr516ROeWS5D3RlTNyU8FkstNCC4maDM3E0Bi4bbzW3AwrpbluqtcyMN3Pivqdxx+zKWKiORJqqLIvN8CT1fVPxxXb/e9GOdaR8eXSmB0PgNUhM4IjgNkwBbvWC9F/lzvwjlQgciR7d4GfXPYsE1vf8tmdQaY8/PtdAkExmbrb9MihdggSoGXlELrPA91Yce+fiRcKY3rQlNWVd4DOoJ/cPXsXwry8pWjNCo5JD8Q+RQ5yZEy7YPoifwemLhTdsBz3hlZr28oCGJ3kbnpW0xGvQb3VHSTVVbeei0CfXoW6iz1";
+        public const string DefaultPublicKey = "MIIDGzCCAgOgAwIBAgIQH5CpsdJDH5ZJ89cWwFrMQDANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDAppZHNydjN0ZXN0MB4XDTIxMTExNzIyMjUwOVoXDTQxMTExNzIyMzUxMFowFTETMBEGA1UEAwwKaWRzcnYzdGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOprPYDL9KJ2WxNjUQKzyEgI/BOHeoz9z/2IflLiK4VCVDYYLrd35tB1X1bbBxQ77M9cgA6eqS5w8uHlITMz5wNQE8NB8nOBBD6Z3uOUSYcwd7oi639wV4M9BJRhufGUFCEN1dzRfqhpDBRklYEx5RKGEbaeQHwwuMRmuzx8QQagUJ3DCclIx9OKyOzc1ipjDL1j0WI1Q61BfptelnKULaZQrLa6b1YCTgMrPyuL9pT1qDrRvNAX/uykmzN/Jt/ms4gQlqyIYcy8398QtS7XSGmuWYdoD87bOG5iBkvPqRgbA/9PbYOePujYXo0ljfm+oRdTmA1qGpAVkOsNduDOgx0CAwEAAaNnMGUwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAVBgNVHREEDjAMggppZHNydjN0ZXN0MB0GA1UdDgQWBBRqyXCUtb/Ou1Ml8gBChx4/NA2LGDANBgkqhkiG9w0BAQsFAAOCAQEAYZ3qLITEIe72vccldlsze6JM0YqvdezAigmUzNMrptQu38Jq+152Z1d23nfhvhoQN69aJaIHVSt//N1Yrnjh/hKqiuYRzSS4/7S7aWWN1RLv1DawEySZeqkfsYpJLc2oqQSlkqb/8dijRXopppS2tUYWxfgEf0FT278KK1e4Pt/iVJzBhhtI0ngqWUeR+KonLoSL+nv7cO9DZPWFfQRrcDlDcR5cmEC9g4paRP3kYT524nhMKsMeD7E8ooup3vrlG4+S3QFdZyf90cJKm46rLt0rBnc/L0uncay2wnX83N4TlaxUFMjgHSHLFw1tal7tF1DWEovG9RDO6Gbk65qpPw==";
 
         public const string Api1Scope = "api1";
         public const string Api2Scope = "api2";
@@ -45,12 +46,10 @@ public static JwtSecurityToken CreateToken(
                 additionalClaims = new List<Claim>();
             }
 
-            if (scope != null && scope.Any())
-            {
-                scope.ToList().ForEach(s => additionalClaims.Add(new Claim("scope", s)));
-            }
+            scope?.ToList().ForEach(s => additionalClaims.Add(new Claim("scope", s)));
 
-            var credential = new X509SigningCredentials(signingCertificate ?? DefaultSigningCertificate);
+            var credential = new System.IdentityModel.Tokens.X509SigningCredentials(signingCertificate ?? DefaultSigningCertificate);
+            var signingKey = new SigningCredentials(new X509SecurityKey(DefaultSigningCertificate), SecurityAlgorithms.RsaSha256Signature);
 
             var token = new JwtSecurityToken(
                 issuer ?? DefaultIssuer,
@@ -58,17 +57,14 @@ public static JwtSecurityToken CreateToken(
                 additionalClaims,
                 DateTime.UtcNow,
                 DateTime.UtcNow.AddSeconds(ttl),
-                credential);
-
-            token.Header.Add(
-                "kid", Base64Url.Encode(credential.Certificate.GetCertHash()));
+                signingKey);
 
             return token;
         }
 
         public static string CreateTokenString(JwtSecurityToken token)
         {
-            JwtSecurityTokenHandler.OutboundClaimTypeMap = new Dictionary<string, string>();
+            JwtSecurityTokenHandler.DefaultOutboundClaimTypeMap = new Dictionary<string, string>();
 
             var handler = new JwtSecurityTokenHandler();
             return handler.WriteToken(token);
diff --git a/source/AccessTokenValidation.Tests/Util/idsrv3test.pfx b/source/AccessTokenValidation.Tests/Util/idsrv3test.pfx
index 0247dea03f0cc23694291f21310f3ae88880e2bb..a8dee29d824d8b6a2804c52a1a2bb7d63cdaed3a 100644
GIT binary patch
delta 2578
zcmY*ZcQo8-7ygYYqDu_XW%Lr+Axe~}i5e1Zlu@FK8g&F?m}nbB3|7?9B1rTV(Mwp-
zMK2**lto4zg5{g+AA8Ps-gEDB&+|O@p8L;xKXDGh)sc8wJt`2G0x%ejc#KZWF$0Ji
zl!vD|hTv%qka!vr5)T9ZPlE12@X#G39=b`1@5$;SIQa?z4>WeImx_vd1cHZ5bBiZo
z&VqQUX~c3lw3$3-%3(GZ9)mf=OV7*2gvMd>?Fomf=kyvY5)1OLYr_y8iBce>g5@U>
zspa)^0SmpJG}bCco03{@l3n9cYV~rt*p1zy>rX{P2+@(*mPKbJvmbt<6#-(zdys+C
z$+{A5OY%FNrbLhJ=Cg*wjrUEYyIO)WDkC(XmxO39&X@PkA{~!wq4bjrDycdPhk?$B
zPo!O1m*3M5-jf1-4f2^;w$lciPK^2$%Jx<O-F8(Q6~CSrVMA~_;yA_}xn*#9R@NJQ
z83tTp=||z}h|t^}xBizMA5+QR10Npyu_od8I`RlOi`I*(l8@t^iVCj(wAzJ#<B>xZ
zbCoV-@CcCRwM8Ar_iBZs?WztA-FW_@#$|5#O{%K7>*x+T*x)>bIE&~0i8aF|cF-ez
zUssOv{4D8tm-1VFoI$A~WT2bZfb_7w_z(U3*fC5j(aQR}XWS9EyoTRW1Chv7v;Gq2
znneSc@pgCQw{8Ay#$C<z#jh^{7W=k9Pu8K;Ee!F}I`2HOa^_U#CU>S=n7?}77e*ye
z{PN0;0>SZW>FNyO=k%}*vcR}bI{RqZr^YhOtHP6*hEL4iXp|BcZH5{gET_a5%<6g=
zV-&Y&7B-J73YuCi&pi{~5swUX+WLxHCt&A)|6^-Dv$G7ikWxo*SJBlPdz9(6YO3XK
zGeN^;s+`XXN@ucIv&zEuL7Yo9;~}iF?!h(Fet!xkC0o1Q9VKK0tQ6Y5c48*CF&nlD
zmn<Zlke!9Qp4hutJ@@S)fj)B;jfLdAY<>g}O-m9g7m^%4Zj{wqVaat(L~Gz$q_lYx
zZYIA=Ek0}t79zTGtjQR(cDB|l%ITvVe-k$IQdRN6tYQ0<tjkVaeWq;@zk!UBYavOJ
zSGiae-o6+}m3Nj7EVRL^Fz8^Ila!MdouM7(a_(vk8*~K%V|)VP;?^t2v%CU~^)2B^
zFV2TIFe4*GLLA$EZ&xE*Sq?6IwSRfkNCG0V=XO3_iZ5dSqNap!^#68SIBmn$oYwpG
zb|QP^0iTmye@{~T-T|WxLnyEO;w<92Kl}X6TbI;Au0*9~k&pM8#rWFeSFiBMWv2^3
zCHWOMw1l0=tZ3+$+GY*QTjpMEQ9=5Q!rQ%)YXKsbbNXWA*|cHNlM}eO5R!-{3utKk
zg`|D3Yop$mF7_PdTO&K0xi?n}X)W|`mslRB)CXDTSBpiJLCO*!eaufyS6*o)7S+|;
zE|5Mb6l#R`KeXl9BsV*G?NIqWS*q-61h~2NXn-qaQM$xw5Ph3aC0jzX?~6s2sOb43
zZ^m+ylndP>RJc!{)e#OuE2TW!EvU7?UiGIVwAyU*$7^zQ6Ysbo<NCCnkV4Va5ABts
z6|84`g1vgac=Nr?3Xa1hIM%=$vHSdri6%7|pAm>`<S&Rxl)|KB){ZVQgjO4igoh)R
zM~2z3-Q=SO`?o$cMlRU|wg?lFW>Qm#mR`+9+vmK3U8MWx*Ky6JKV`?s&jbZ-E}M~4
zUsZ6nEPw0XtGl1cEbE1juZ|c3r~1scJ)Z10%b8ORK}H+ZafO7dorciP>CSRF=r|k&
z#FJIj+14RX+FF9*TPF*kZX87Yb;0Eg2kjumCVTNEQ^LLdICo35d(P$I;|Ue1$T1|#
ze@78V!zu-XKtKQhAZ`9*Y2Z?icnyI7z!{JP<S1E|5{`fZfTV;ZAPq<XGXH8a6h#V<
zr*QTZ9}>7jsaz<P9L4QK;hia71>iR2Is6(g0Rurmc=@ZKf5#gDPk@xaq1S|bC_MoH
zhBCvC(s2XOr{rf8G@-CQ6wV%S1)Nh5FgQ1O{l6WlVR?A)G!hRUrvd>K7)&vOvE#r<
zM#z;ntSHGU<FDesZh8bBoL8lZoPdcfE;)wz$=`dxSZw_S^Hfl&pzxxLbWff*)Xo~v
zx#czo>`he!HkR5x_R7x8lWQOup|nR=2n$xyA95AOcG0@M(6mS^RWQ}k7H)Mfy~N58
z{-!fA_$R1e#CXQ0IZ8j!Ie!q>5|d{us>^N2NF!zyenmV$%hS6%*X$sH=q|JL0Cv*D
z`$z-B25z%-4ps9U6Ff8zJh|(O+9pY&oEKe&$Fz$_Yd$F)p!wT8+TV#;zOtRlCKQE7
z6WS6XYX|pF?evv9U(`%33=J1ww3?~ZvvznaKG=s@&UP<bY<Il-s0qbw(-vL~Dqagd
zcq?rvQ{KhAZYG`S|1{|I8-xd0KlA5$sD3r55RtHWp^<mi$Ktw`1{N%|r5}hHSTt_-
zb1`;_5j_SK=yUeW#3nn%dyAywTL`9N(9X>dxpW(J2Xm-&X@C4;%YC<p#0UHW0P1p8
zhoyMd70o(Q8o+a%O$4_m+kh>ATvf$rEbtkb{KLJXeC0d&N1$dyC_%sLZHRfVX5J8b
zcPNju(xg;KByG>#c5Nmen{tEfUXnkjVLITg@@RD}oY^fM(E>h=cpW2YwH)DrdNk%x
z6Zuyc6-h)tTIUk~mCz!G?D%|FIVI$Fo?J@$^e9&N__#8<GXq!YaIam|JO^GbdsZ*@
ztlh$PXc!fE$GRr=yxK?3WlHV)!^j_1#CKD)qxnr3_?oWPKo-AhC&y%@W@@+gVLB6<
zkN!=zX@4{mDs~{-*M#SQ1p&HVU8mYmGBu?Khh**N^=bWn<jj=CajmEYXmBGZGfDb&
z)UJfk^KfF#P`H%t6>)EvPh=JW_ZM$How|x*&$aEW+9L6<G0~Q+=;snT*r?IPlXiBo
z_qpQ8b@>Q?xd^eaznQu<wN7ZE%6Ccy<LdbpvFMmCH>FY3AM>bZyIJjMqZVnRBxxiq
zbco~pi)ilbHI|V3M;aD(!cQfeJ==C42N_zo-tk)CyNw&#n_kbz!D5(sjw<ZyjPnZ_
z3i3@Bn*3Q`E@+Q)-XJS$2YNR5o-SX!mGJledZfwGA6W6`U1%Qt-7a^q3(onrG-m@&
zT$w{Ht#`sD`L5F12!mHK%c4#H(#5_g^`OE!_qME~os$&5*@WI~uxpKoPYKV?_UGyd
zG%?qq>F^mAN{Bit&GfApH%^_w^H2V$L%vb(Tbn2gOh5!*KdQdR(&3|8YEs_&C}C%W
zferk40#!etCH%vg^j06Kgycg~!=Mt3U@A@sJTBhH^Xlmq^TCh|*T5U}sVakN9R!Y8
aeJMp7XSzSPoUIYzO-L4+%VhfX&;JJ;sH^h;

literal 3395
zcmY*ac{tQ<7yiu{V_$|rA%;e>y=E+9O_nU#g|hFBC`-tmWsqeoSyGW9LYA!AlQm0d
zlqs?cuRUcMvVK$7_r34+{c)aipZh-Nxy~QY_1q{N(`7J-3WZ}lgwlyV(0Q=O1fl`u
z;TYE;IL2iPy@0|&nf_0rK7rt<4^TL2G9|X44F8>Cqz8fXaF7!e4sw9vh0_0zrd-Yp
zq5aB`c0pwf*#!pE3`1~`u};|qLmAL66%SqGD&c1ok7w*g=3CPGVk4GBqUnz5R$^lb
z8Dv(rRpfX7yvJ$AZ8B=IukK|?oWq7THPW9AE8<%>%oONtPAOw&x8_?KHa0J|WVwA0
zIe9<A-tS6~Vo1?Aon^Vz8@TOK!&HCY29BY>iq|#j@0h-r2z9#p>N7n4=mGfXBZdZv
zm>}$|9($ZRdyt-g#VGBa?>B!qNzif-i+FE)kucwfM0uQ_?eH5E22H7{O&W(b9&xxe
z%p<>vWCX)-exQO)Be<qbj|d8Up=IFA%(u$H!C8Zsu`($IyxGM@PgbL%;oL8B@}w;<
zslw&;Ie)4@ZgX%Y+K@XJ+plI+SDf=!DcPJ^uitp_G{fmw*x0Z_v4Ri_xPZDuTfTZE
zj@BPs*y}mEakcd{`vfmJu{&XQThbwL+Jx9nOQxl@_KXgeSx2}lR--kzCTbHWm<<%F
z-wG7qvy%!%-b|qE?yEcLMcm}PE*kp4;n&g}Eb*>=&=gf&-c#+j`(NUetfn}WVXG{=
z^!3S{N|*XdJW@10Ikf3}LcuN>qA~Ixlg<<TFYaZ=K7Q-_&^a?WkN7|@M{JM5(?#_b
zw4(#5W!UeEu>}c;<Q6L}t+tdP4#Sp!Mselu?(zp`((9ImAM7xHYR^47Hkrx^p4vcp
z4QnX-mlDq#2=%1fOW}2U8DG&~d?<y{ft>VO{NzpbcV)gX{XXMvCF$|Bihu8%Mj`v7
z@JI#bMy0mL?ntjDyu>tItFCrcM?2T4qxi{DAYXF4re+jt!0KM!4AX1-`m6J2B-j7$
ztQmXW9+nsyVA76pGD!SNDBJX7<=P3^TAtMP*S&|$8V_zcInNp6F})=P6L9WM3skx(
zrU*k+zF?-S=h<kN^8F&zSe1S~eK^iJHSLX(<0w2REgl1<(>mjpL4Q3zv>!AS5ZdH`
zP7@1%4o~2pGsTCkqHI#fTE9t6L}0I0RV#X80*5W8dQ!d^3i!EAcx!{g?Ymhx9_uH|
z%5-;5L5^5@FPajHS9ShoBMyy!p(c{qxOAL#hI6ENh505_rZ0?SGHg>G?cH-JcX$bP
zvvcygKZ|q33xcOvl0F>Lq;-3oT1}&U{+hFQhdrnZ&f3Cd?*G~+e;NZj-CLQ#d7u*d
z-zLck*=~$_*oTD=7glD2s_n4ZBbndKCJM<*Y#U_RIHLGB-|y!WU`T^)1|P6xbeP|G
zVeM+?bDY~u1~eh71YCS>5m|2W++)$^^VxHSdmxwhWqlh$#}_R*QJIE}!YhyC22(}y
z-pGi)Mp$4isupi_SdyK1kwa|ypqYxD<VWO;AKXtGgharI<HJRRfwG6UIvsr2SG4eL
z1qZT8{904!Y!=Vb8M8eXns!3ng{RM#%k?-NNK@V`RpP=1Vi7meTMHD9tGMF^OOu*&
zKkEJ<QyCrXmk4v>ZM%%-W8XLUrq=uHuIVLfoLXn0Ft*+*&7DasMmP3gdi3$so3cjv
zU3_I_!HIUJ-KLn$?<Oy=$2>yVs^q%Nt?{K4vH$8|KG-fP7I-JGh){ZkukKp&IeTFS
zofK|@;`zesc<{wV&~=^Lpxwgq@1SZU!pFuL4xnXwJhXzpFXWPHqe<o{of=?@4QPh<
zCfXK}C3?e>5C^&F$XOKSyA*?hARwF^42%X)?En0pbR1|X1Ofs80A>9z2}c|9=>s8v
zEFceP0#bk)B`W|LfCL~z!7_mQA0!RPQ8WpPf}*g$)hhsoqDlYhLQ^z_KfESzA7%UR
z0wA<8pCMoXxB<?958ws(QUVM30SLg9a{gvK0ar?;LBT<QH-+<})INYC1>gEJg#e8I
z^!ZaN7vLt~Loo#6Kiktl^Kj613iSpI0w}5OUj_7kE&%=Q0@7Z?>>U#@$=@yzfrG{o
ztFTv(L~LX}xO!x<I991&uguEr^F_*S_9$Z3Kh$$VI@4{8Td_E+dsdAH1C#2D#%yJ2
z;V}KTI__UD&7O=vR{~tE)eh?>0^EITtLxl@_o6uy5gghAR{hz9rAUI9X6qKa_Nw%q
za~SdO27));Ss1O7WmAmU?z>@+sX7%|EH>F*@OZUVn!`%vFPjg13@<L=t?a0liz4u^
zpgv!|Ht?Z163@(NQBf<RJoF6Yt=m!NO!Zbh03)F2$7|p2!t1G(MX;6syvxu~wYV@w
zYOdK96hsL@cwM6EZia~M%7^h>;Tl|_JIFJuO?ibe+@(=Ci<oMW0_}<zziSP>tY0KN
zmhw8P&DGlJBqvEH_i~51(xCCqvU$O5a^w(gap!{;x$=mI;>(I{4_^3{xSVl<tRt0i
zwJ}`+pMnKj)Qi^mQm@JMGlcB)uS|q|CAUU^iT?NHv`}YjOLMk_xK{gpmUaLmQm{$g
zz|u)aN0t>t0*&Z-y38aD8;?f`*U1VzA?{YPa$fn^V7$cGLd)&c%khfmt-qvZ_d8X!
z7hHsG8{dHEPrBwl**uN9qgJ5p<XGn1KpP(FMyoH}katpql14K%=tN$6%?(!LZ+O?s
zy8nIq2}0!AOtMjAZ@#5Xc7y~uHoKSmLpBw`;ed80>Da-DS;*TkBvMr}WsGRp(tl&q
zOLj#>q5fr!g3h>N*4Lo!^2f&yedb9`Kc@UII#(J*#=~mQpg7_^@Qad_`7&Rw^Q13P
zmkj26C2^Lfg&(Un^M{l&&Z~Al#>~&po-IRgbH;zV|EZU6sq2W4r<`>`jAnHJX0F#X
zoYLuTJJ&S<F2|5hzOCIhUt<&!av#5|V5U44K6<y^>__HOHM}CU)!}{mUnHM4&H-PJ
zDgU|rTaFE6VJ^#8$-<D<8ue5=5aQk>7}h}^b=$AFm^Ju%|Irt#Xm@y!x8ht)nP}yX
zak6LD=XrWjz}YIk=NKi;Oyzuyhr4N#>$;BIHeVmO7CwR&BH~$h($R>lxm#|jH)hMo
z7Cl?fME$4w@i!`TUwnfzepq`tb2MXQ<j#0~X0oASJ@eDDWUPPuWR>>vjOez4DO&G+
zwbxqf;c;Lz7e^2GJN4&pn)*n036&#X{M)L}<CkZ5u}z~1rU&7O>3jNt9WQoG#Ltw0
zBSd@4uASn_19~vFMd|jhEOlmOnzg#t-W`Y8`{ihls#Ej*@-YyvQR5@XB{Zg<SH{{w
z(wx*R^}jJk(~`ojL>n*UU@bPjBb)ma-dM*TyAY#Qr-I?}ssTqWiQUU~9nVL8urj8g
z<Pm|D7H-y@q`>B=?6~(E%Bt>5<*!OPB%-9y0pkl!uu8}JyuP^C{VwK-!6&8CcOsFR
z#AD|e+mNE9i#41w#l(h}rbw&h^*Xp8>93ZTvg}r-DJps1W6hRpeV*HGw|(EWnX7>t
zi;7~9X)yDN{8DJzLpxCoH*tL3SHK!$Z}tQc<%NTk$t)S*4<=4>wFvMd!y)pV_liw)
z7<i2&;d(y0J`(1*b*RZ|8eAIP`Tp)H+XtcCSfO)N7aCvm4XZCFP%F;c%VAcr%jrKb
z225ixtBBLHrMvxFL|f7tn)hxOF0o*j4qD|w!iB&Qt7=9YBZuzRTRb%#r^bpO*-r%%
ziGj3KOFgV=V$^}Eh8nv$E?L<Fl~^UaFm_cAvHl$EqI9{3VDlg@RtR=9fp$|-PFe$H
z<hg(45ieI8-MIAof<pM3XjA@~lp?z)gSl1vBbt->Z+8=AXg^<jU4rsv&mP@Oc+;10
zcri;=*ygm23CSF<fZPf`tEk^$33d3@`=cj&C09_JI1;LcOpLQ3LC=qQ)X<6A#TG8;
zSG4EbN^d9A2uM;1G=h`PO&fv7ys<y!5++xcYCns=q|&~cb~_+IWg+TH-Ct0G)w9au
zfuJm*2>QgwL(&DRsQU5*({(LDt{G-4Rx#dhx6AP+_msH%Jue6QCy=B0w?y#4k$7;>
z=5ttmpV&vFVv}ZY>6NE%#+W))M)<U8<EO9Y<&?BHIiyR71zl|wTpCGVmTo(h&HuIJ
z=gZ(OII_T^r>nU;WMS%-mtLT!)&4oAMhnY2Hb@dJUGXLb^4wIex}=co7n{7tD1N!|
zw63xzN%ImPTf3iZ?X@yq6*F$jX5my$Q%SSyOrlD)y}jkyw`e{y&l34ahp)821A!iS
z4-;-p@j6Gn!f>FJQ2ZzwD76?f6_^_WN5dA?3G%E0bF79+L#MT|(Yv~t5ct?-mV0Fj
V%$88{h~I%@Xjg7x^oQR@_8&Ry9S;Bi

diff --git a/source/AccessTokenValidation/AccessTokenValidation.csproj b/source/AccessTokenValidation/AccessTokenValidation.csproj
index f32239a..10edb46 100644
--- a/source/AccessTokenValidation/AccessTokenValidation.csproj
+++ b/source/AccessTokenValidation/AccessTokenValidation.csproj
@@ -75,16 +75,15 @@
     <None Include="app.config" />
   </ItemGroup>
   <ItemGroup>
-    <PackageReference Include="IdentityModel" Version="1.9.2" />
-    <PackageReference Include="Microsoft.AspNet.WebApi.Client" Version="5.2.3" />
-    <PackageReference Include="Microsoft.IdentityModel.Protocol.Extensions" Version="1.0.2.206221351" />
-    <PackageReference Include="Microsoft.Owin" Version="3.0.1" />
-    <PackageReference Include="Microsoft.Owin.Security.Jwt" Version="3.0.1" />
-    <PackageReference Include="Microsoft.Owin.Security.OAuth" Version="3.0.1" />
+    <PackageReference Include="IdentityModel" Version="5.2.0" />
+    <PackageReference Include="Microsoft.AspNet.WebApi.Client" Version="5.2.7" />
+    <PackageReference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="6.14.1" />
+    <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="6.14.1" />
+    <PackageReference Include="Microsoft.Owin.Security.Jwt" Version="4.2.0" />
+    <PackageReference Include="Microsoft.Owin.Security.OAuth" Version="4.2.0" />
     <PackageReference Include="Moq" Version="4.2.1510.2205" />
-    <PackageReference Include="Newtonsoft.Json" Version="8.0.3" />
-    <PackageReference Include="Owin" Version="1.0.0" />
-    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="4.0.2.206221351" />
+    <PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
+    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.14.1" />
   </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
diff --git a/source/AccessTokenValidation/IdentityServerBearerTokenAuthenticationOptions.cs b/source/AccessTokenValidation/IdentityServerBearerTokenAuthenticationOptions.cs
index eaef64c..367add5 100644
--- a/source/AccessTokenValidation/IdentityServerBearerTokenAuthenticationOptions.cs
+++ b/source/AccessTokenValidation/IdentityServerBearerTokenAuthenticationOptions.cs
@@ -18,10 +18,10 @@
 using Microsoft.Owin.Security.OAuth;
 using System;
 using System.Collections.Generic;
-using System.IdentityModel.Tokens;
 using System.Linq;
 using System.Net.Http;
 using System.Security.Cryptography.X509Certificates;
+using Microsoft.IdentityModel.Tokens;
 
 namespace IdentityServer3.AccessTokenValidation
 {
diff --git a/source/AccessTokenValidation/IdentityServerBearerTokenValidationAppBuilderExtensions.cs b/source/AccessTokenValidation/IdentityServerBearerTokenValidationAppBuilderExtensions.cs
index 8f44eee..358003a 100644
--- a/source/AccessTokenValidation/IdentityServerBearerTokenValidationAppBuilderExtensions.cs
+++ b/source/AccessTokenValidation/IdentityServerBearerTokenValidationAppBuilderExtensions.cs
@@ -20,9 +20,10 @@
 using Microsoft.Owin.Security.Jwt;
 using Microsoft.Owin.Security.OAuth;
 using System;
-using System.IdentityModel.Tokens;
 using System.Linq;
+using System.Security.Cryptography.X509Certificates;
 using System.Threading;
+using Microsoft.IdentityModel.Tokens;
 
 namespace Owin
 {
@@ -141,20 +142,21 @@ internal static Lazy<OAuthBearerAuthenticationOptions> ConfigureLocalValidation(
         {
             return new Lazy<OAuthBearerAuthenticationOptions>(() => 
             {
-                JwtFormat tokenFormat = null;
+                JwtFormat tokenFormat;
 
                 // use static configuration
                 if (!string.IsNullOrWhiteSpace(options.IssuerName) &&
                     options.SigningCertificate != null)
                 {
-                    var audience = options.IssuerName.EnsureTrailingSlash();
+                    string audience = options.IssuerName.EnsureTrailingSlash();
                     audience += "resources";
 
+                    Microsoft.IdentityModel.Tokens.SecurityKey securityKey = new X509SecurityKey(new X509Certificate2(options.SigningCertificate));
                     var valParams = new TokenValidationParameters
                     {
                         ValidIssuer = options.IssuerName,
                         ValidAudience = audience,
-                        IssuerSigningToken = new X509SecurityToken(options.SigningCertificate),
+                        IssuerSigningKey = securityKey,
 
                         NameClaimType = options.NameClaimType,
                         RoleClaimType = options.RoleClaimType,
@@ -191,7 +193,7 @@ internal static Lazy<OAuthBearerAuthenticationOptions> ConfigureLocalValidation(
                     }
                     else
                     {
-                        valParams.IssuerSigningKeyResolver = ResolveRsaKeys;
+                         valParams.IssuerSigningKeyResolver = options.IssuerSigningKeyResolver;
                     }
 
                     tokenFormat = new JwtFormat(valParams, issuerProvider);
@@ -210,30 +212,37 @@ internal static Lazy<OAuthBearerAuthenticationOptions> ConfigureLocalValidation(
 
             }, LazyThreadSafetyMode.PublicationOnly);
         }
-
-        private static SecurityKey ResolveRsaKeys(
-            string token, 
-            SecurityToken securityToken, 
-            SecurityKeyIdentifier keyIdentifier, 
-            TokenValidationParameters validationParameters)
-        {
-            string id = null;
-            foreach (var keyId in keyIdentifier)
-            {
-                var nk = keyId as NamedKeySecurityKeyIdentifierClause;
-                if (nk != null)
-                {
-                    id = nk.Id;
-                    break;
-                }
-            }
-
-            if (id == null) return null;
-
-            var issuerToken = validationParameters.IssuerSigningTokens.FirstOrDefault(it => it.Id == id);
-            if (issuerToken == null) return null;
-
-            return issuerToken.SecurityKeys.FirstOrDefault();
-        }
+        
+        // public delegate IEnumerable<SecurityKey> IssuerSigningKeyResolver(
+        //     string token,
+        //     SecurityToken securityToken,
+        //     string kid,
+        //     TokenValidationParameters validationParameters);
+        //
+        // private static IEnumerable<System.IdentityModel.Tokens.SecurityKey> ResolveRsaKeys(
+        //     string token, 
+        //     Microsoft.IdentityModel.Tokens.SecurityToken securityToken, 
+        //     SecurityKeyIdentifier keyIdentifier, 
+        //     TokenValidationParameters validationParameters)
+        // {
+        //     string id = null;
+        //     foreach (System.IdentityModel.Tokens.SecurityKeyIdentifierClause keyId in keyIdentifier)
+        //     {
+        //         id = keyId.Id;
+        //         /*var nk = keyId as NamedKeySecurityKeyIdentifierClause;
+        //         if (nk != null)
+        //         {
+        //             id = nk.Id;
+        //             break;
+        //         }*/
+        //     }
+        //
+        //     if (id == null) return null;
+        //
+        //     var issuerToken = validationParameters.key.IssuerSigningTokens.FirstOrDefault(it => it.Id == id);
+        //     if (issuerToken == null) return null;
+        //
+        //     return issuerToken.SecurityKeys.FirstOrDefault();
+        // }
     }
 }
\ No newline at end of file
diff --git a/source/AccessTokenValidation/Plumbing/DiscoveryDocumentIssuerSecurityTokenProvider.cs b/source/AccessTokenValidation/Plumbing/DiscoveryDocumentIssuerSecurityTokenProvider.cs
index 75c7711..9c8c6aa 100644
--- a/source/AccessTokenValidation/Plumbing/DiscoveryDocumentIssuerSecurityTokenProvider.cs
+++ b/source/AccessTokenValidation/Plumbing/DiscoveryDocumentIssuerSecurityTokenProvider.cs
@@ -19,20 +19,20 @@
 using Microsoft.Owin.Security.Jwt;
 using System;
 using System.Collections.Generic;
-using System.IdentityModel.Tokens;
 using System.Net.Http;
-using System.Security.Cryptography;
 using System.Threading;
+using Microsoft.IdentityModel.Protocols.OpenIdConnect;
+using Microsoft.IdentityModel.Tokens;
 
 namespace IdentityServer3.AccessTokenValidation
 {
-    internal class DiscoveryDocumentIssuerSecurityTokenProvider : IIssuerSecurityTokenProvider
+    internal class DiscoveryDocumentIssuerSecurityTokenProvider : IIssuerSecurityKeyProvider
     {
         private readonly ReaderWriterLockSlim _synclock = new ReaderWriterLockSlim();
         private readonly ConfigurationManager<OpenIdConnectConfiguration> _configurationManager;
         private readonly ILogger _logger;
         private string _issuer;
-        private IEnumerable<SecurityToken> _tokens;
+        private ICollection<SecurityKey> _keys;
 
         public DiscoveryDocumentIssuerSecurityTokenProvider(string discoveryEndpoint, IdentityServerBearerTokenAuthenticationOptions options, ILoggerFactory loggerFactory)
         {
@@ -51,7 +51,7 @@ public DiscoveryDocumentIssuerSecurityTokenProvider(string discoveryEndpoint, Id
                 webRequestHandler.ServerCertificateValidationCallback = options.BackchannelCertificateValidator.Validate;
             }
 
-            _configurationManager = new ConfigurationManager<OpenIdConnectConfiguration>(discoveryEndpoint, new HttpClient(handler))
+            _configurationManager = new ConfigurationManager<OpenIdConnectConfiguration>(discoveryEndpoint, new OpenIdConnectConfigurationRetriever(), new HttpClient(handler))
             {
                 AutomaticRefreshInterval = options.AutomaticRefreshInterval
             };
@@ -96,7 +96,7 @@ public string Audience
                 _synclock.EnterReadLock();
                 try
                 {
-                    var issuer = _issuer.EnsureTrailingSlash();
+                    string issuer = _issuer.EnsureTrailingSlash();
                     return issuer + "resources";
                 }
                 finally
@@ -106,13 +106,7 @@ public string Audience
             }
         }
 
-        /// <summary>
-        /// Gets all known security tokens.
-        /// </summary>
-        /// <value>
-        /// All known security tokens.
-        /// </value>
-        public IEnumerable<SecurityToken> SecurityTokens
+        public IEnumerable<Microsoft.IdentityModel.Tokens.SecurityKey> SecurityKeys
         {
             get
             {
@@ -120,7 +114,7 @@ public IEnumerable<SecurityToken> SecurityTokens
                 _synclock.EnterReadLock();
                 try
                 {
-                    return _tokens;
+                    return _keys;
                 }
                 finally
                 {
@@ -134,7 +128,7 @@ private void RetrieveMetadata()
             _synclock.EnterWriteLock();
             try
             {
-                var result = AsyncHelper.RunSync(async () => await _configurationManager.GetConfigurationAsync());
+                OpenIdConnectConfiguration result = AsyncHelper.RunSync(async () => await _configurationManager.GetConfigurationAsync());
 
                 if (result.JsonWebKeySet == null)
                 {
@@ -142,21 +136,8 @@ private void RetrieveMetadata()
                     throw new InvalidOperationException("Discovery document has no configured signing key. aborting.");
                 }
 
-                var tokens = new List<SecurityToken>();
-                foreach (var key in result.JsonWebKeySet.Keys)
-                {
-                    var rsa = RSA.Create();
-                    rsa.ImportParameters(new RSAParameters
-                    {
-                        Exponent = Base64UrlEncoder.DecodeBytes(key.E),
-                        Modulus = Base64UrlEncoder.DecodeBytes(key.N)
-                    });
-
-                    tokens.Add(new RsaSecurityToken(rsa, key.Kid));
-                }
-
                 _issuer = result.Issuer;
-                _tokens = tokens;
+                _keys = result.SigningKeys;
             }
             catch (Exception ex)
             {
diff --git a/source/AccessTokenValidation/Plumbing/IntrospectionEndpointTokenProvider.cs b/source/AccessTokenValidation/Plumbing/IntrospectionEndpointTokenProvider.cs
index f2e4eb2..203660a 100644
--- a/source/AccessTokenValidation/Plumbing/IntrospectionEndpointTokenProvider.cs
+++ b/source/AccessTokenValidation/Plumbing/IntrospectionEndpointTokenProvider.cs
@@ -18,10 +18,8 @@
 using Microsoft.Owin.Logging;
 using Microsoft.Owin.Security;
 using Microsoft.Owin.Security.Infrastructure;
-using Newtonsoft.Json;
 using System;
 using System.Collections.Generic;
-using System.Net;
 using System.Net.Http;
 using System.Security.Claims;
 using System.Threading.Tasks;
@@ -43,11 +41,12 @@ public IntrospectionEndpointTokenProvider(IdentityServerBearerTokenAuthenticatio
                 throw new Exception("Authority must be set to use validation endpoint.");
             }
 
-            var baseAddress = options.Authority.EnsureTrailingSlash();
+            string baseAddress = options.Authority.EnsureTrailingSlash();
             baseAddress += "connect/introspect";
-            var introspectionEndpoint = baseAddress;
+            string introspectionEndpoint = baseAddress;
 
-            var handler = options.IntrospectionHttpHandler ?? new WebRequestHandler();
+            HttpMessageHandler handler = options.IntrospectionHttpHandler ?? new WebRequestHandler();
+            var invoker = new HttpMessageInvoker(handler);
 
             if (options.BackchannelCertificateValidator != null)
             {
@@ -60,20 +59,26 @@ public IntrospectionEndpointTokenProvider(IdentityServerBearerTokenAuthenticatio
 
                 webRequestHandler.ServerCertificateValidationCallback = options.BackchannelCertificateValidator.Validate;
             }
-
+            
             if (!string.IsNullOrEmpty(options.ClientId))
             {
                 _client = new IntrospectionClient(
-                    introspectionEndpoint, 
-                    options.ClientId, 
-                    options.ClientSecret,
-                    handler);
+                    invoker,
+                    new IntrospectionClientOptions()
+                    {
+                        Address = introspectionEndpoint,
+                        ClientId = options.ClientId,
+                        ClientSecret = options.ClientSecret
+                    });
             }
             else
             {
                 _client = new IntrospectionClient(
-                    introspectionEndpoint,
-                    innerHttpMessageHandler: handler);
+                    invoker,
+                    new IntrospectionClientOptions
+                    {
+                        Address = introspectionEndpoint
+                    });
             }
 
             _options = options;
@@ -91,10 +96,10 @@ public override async Task ReceiveAsync(AuthenticationTokenReceiveContext contex
                 }
             }
 
-            IntrospectionResponse response;
+            TokenIntrospectionResponse response;
             try
             {
-                response = await _client.SendAsync(new IntrospectionRequest { Token = context.Token });
+                response = await _client.Introspect(context.Token);
                 if (response.IsError)
                 {
                     _logger.WriteError("Error returned from introspection endpoint: " + response.Error);
@@ -113,11 +118,11 @@ public override async Task ReceiveAsync(AuthenticationTokenReceiveContext contex
             }
 
             var claims = new List<Claim>();
-            foreach (var claim in response.Claims)
+            foreach (Claim claim in response.Claims)
             {
-                if (!string.Equals(claim.Item1, "active", StringComparison.Ordinal))
+                if (!string.Equals(claim.Type, "active", StringComparison.Ordinal))
                 {
-                    claims.Add(new Claim(claim.Item1, claim.Item2));
+                    claims.Add(new Claim(claim.Type, claim.Value));
                 }
             }
             
diff --git a/source/AccessTokenValidation/Plumbing/ValidationEndpointTokenProvider.cs b/source/AccessTokenValidation/Plumbing/ValidationEndpointTokenProvider.cs
index 39aa72d..b04d1e9 100644
--- a/source/AccessTokenValidation/Plumbing/ValidationEndpointTokenProvider.cs
+++ b/source/AccessTokenValidation/Plumbing/ValidationEndpointTokenProvider.cs
@@ -14,7 +14,6 @@
  * limitations under the License.
  */
 
-using IdentityModel.Extensions;
 using Microsoft.Owin.Logging;
 using Microsoft.Owin.Security;
 using Microsoft.Owin.Security.Infrastructure;
@@ -25,6 +24,7 @@
 using System.Net.Http;
 using System.Security.Claims;
 using System.Threading.Tasks;
+using IdentityModel;
 
 namespace IdentityServer3.AccessTokenValidation
 {

From 1abd50ebaec87e88c7edb583ce6eba5cff06c851 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20G=C3=A9lineau?= <ismael.gelineau@bimone.com>
Date: Wed, 17 Nov 2021 18:22:34 -0500
Subject: [PATCH 05/11] cleanup, update assembly and package identity, prepare
 for nupkg build

---
 build.ps1                                     |  6 ++---
 default.ps1                                   |  2 +-
 source/.nuget/packages.config                 |  2 +-
 .../AccessTokenValidation.Tests.csproj        |  7 +----
 .../Integration Tests/ResponseHeaders.cs      |  1 -
 source/AccessTokenValidation.Tests/app.config | 27 -------------------
 .../AccessTokenValidation.csproj              | 10 ++-----
 .../Properties/AssemblyInfo.cs                |  2 +-
 ...entityServer3.AccessTokenValidation.nuspec | 20 +++++++-------
 9 files changed, 18 insertions(+), 59 deletions(-)
 delete mode 100644 source/AccessTokenValidation.Tests/app.config

diff --git a/build.ps1 b/build.ps1
index df8d118..dd745da 100644
--- a/build.ps1
+++ b/build.ps1
@@ -5,10 +5,10 @@ Param(
 
 gci .\source -Recurse "packages.config" |% {
     "Restoring " + $_.FullName
-    .\source\.nuget\nuget.exe install $_.FullName -o .\source\packages
+    nuget.exe install $_.FullName -o .\source\packages
 }
 
-Import-Module .\source\packages\psake.4.4.1\tools\psake.psm1
+Import-Module .\source\packages\psake.4.9.0\tools\psake
 
 if(Test-Path Env:\APPVEYOR_BUILD_NUMBER){
     $buildNumber = [int]$Env:APPVEYOR_BUILD_NUMBER
@@ -19,6 +19,6 @@ if(Test-Path Env:\APPVEYOR_BUILD_NUMBER){
 
 "Build number $buildNumber"
 
-Invoke-Psake .\default.ps1 $task -framework "4.0x64" -properties @{ buildNumber=$buildNumber; preRelease=$preRelease }
+Invoke-Psake .\default.ps1 "default" -framework "4.8x64" -properties @{ buildNumber=$buildNumber; preRelease=$preRelease }
 
 Remove-Module psake
\ No newline at end of file
diff --git a/default.ps1 b/default.ps1
index f3b5368..6c4e727 100644
--- a/default.ps1
+++ b/default.ps1
@@ -24,7 +24,7 @@ task Clean {
 }
 
 task Compile -depends UpdateVersion {
-	exec { msbuild /nologo /verbosity:q $sln_file /p:Configuration=$target_config /p:TargetFrameworkVersion=v4.5 }
+	exec { msbuild /nologo /verbosity:q $sln_file /p:Configuration=$target_config /p:TargetFrameworkVersion=v4.8 }
 }
 
 task RunTests -depends Compile {
diff --git a/source/.nuget/packages.config b/source/.nuget/packages.config
index cb6ef5f..3f7f610 100644
--- a/source/.nuget/packages.config
+++ b/source/.nuget/packages.config
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="utf-8"?>
 <packages>
-  <package id="psake" version="4.4.1" />
+  <package id="psake" version="4.9.0" />
   <package id="xunit.runner.console" version="2.0.0" />
 </packages>
\ No newline at end of file
diff --git a/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj b/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
index bc58fc3..7092597 100644
--- a/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
+++ b/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
@@ -64,7 +64,6 @@
     <Compile Include="Util\Cert.cs" />
   </ItemGroup>
   <ItemGroup>
-    <None Include="app.config" />
     <EmbeddedResource Include="Util\idsrv3test.pfx" />
   </ItemGroup>
   <ItemGroup>
@@ -79,14 +78,10 @@
   <ItemGroup>
     <PackageReference Include="FluentAssertions" Version="6.2.0" />
     <PackageReference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="6.14.1" />
-    <PackageReference Include="Moq" Version="4.2.1510.2205" />
+    <PackageReference Include="Moq" Version="4.16.1" />
     <PackageReference Include="OwinHttpMessageHandler" Version="2.0.2" />
     <PackageReference Include="xunit" Version="2.4.1" />
     <PackageReference Include="xunit.extensibility.core" Version="2.4.1" />
-    <PackageReference Include="xunit.runner.visualstudio" Version="2.4.3">
-      <PrivateAssets>all</PrivateAssets>
-      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
-    </PackageReference>
   </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
diff --git a/source/AccessTokenValidation.Tests/Integration Tests/ResponseHeaders.cs b/source/AccessTokenValidation.Tests/Integration Tests/ResponseHeaders.cs
index 3ecb53b..54ccba2 100644
--- a/source/AccessTokenValidation.Tests/Integration Tests/ResponseHeaders.cs	
+++ b/source/AccessTokenValidation.Tests/Integration Tests/ResponseHeaders.cs	
@@ -25,7 +25,6 @@ public class ResponseHeaders
         [Fact]
         public async Task WhenCorsHeadersAreAlreadySetOnTheResponse_LeavesThemAsIs()
         {
-            X509Certificate2 cert;
             var client = PipelineFactory.CreateHttpClient(_options, x =>
                                                                     {
                                                                         x.Use(async (context, next) =>
diff --git a/source/AccessTokenValidation.Tests/app.config b/source/AccessTokenValidation.Tests/app.config
deleted file mode 100644
index 587f735..0000000
--- a/source/AccessTokenValidation.Tests/app.config
+++ /dev/null
@@ -1,27 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<configuration>
-  <runtime>
-    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
-      <dependentAssembly>
-        <assemblyIdentity name="Microsoft.Owin.Security.OAuth" publicKeyToken="31bf3856ad364e35" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
-      </dependentAssembly>
-      <dependentAssembly>
-        <assemblyIdentity name="Microsoft.Owin.Security" publicKeyToken="31bf3856ad364e35" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
-      </dependentAssembly>
-      <dependentAssembly>
-        <assemblyIdentity name="Microsoft.Owin" publicKeyToken="31bf3856ad364e35" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
-      </dependentAssembly>
-      <dependentAssembly>
-        <assemblyIdentity name="System.IdentityModel.Tokens.Jwt" publicKeyToken="31bf3856ad364e35" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-4.0.20622.1351" newVersion="4.0.20622.1351" />
-      </dependentAssembly>
-      <dependentAssembly>
-        <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-8.0.0.0" newVersion="8.0.0.0" />
-      </dependentAssembly>
-    </assemblyBinding>
-  </runtime>
-</configuration>
\ No newline at end of file
diff --git a/source/AccessTokenValidation/AccessTokenValidation.csproj b/source/AccessTokenValidation/AccessTokenValidation.csproj
index 10edb46..f52422e 100644
--- a/source/AccessTokenValidation/AccessTokenValidation.csproj
+++ b/source/AccessTokenValidation/AccessTokenValidation.csproj
@@ -8,7 +8,7 @@
     <OutputType>Library</OutputType>
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>IdentityServer3.AccessTokenValidation</RootNamespace>
-    <AssemblyName>IdentityServer3.AccessTokenValidation</AssemblyName>
+    <AssemblyName>BIMOne.IdentityServer3.AccessTokenValidation</AssemblyName>
     <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
   </PropertyGroup>
@@ -32,13 +32,11 @@
     <DocumentationFile>..\..\build\IdentityServer3.AccessTokenValidation.xml</DocumentationFile>
   </PropertyGroup>
   <ItemGroup>
-    <Reference Include="System" />
     <Reference Include="System.Core" />
     <Reference Include="System.IdentityModel" />
     <Reference Include="System.Net.Http" />
     <Reference Include="System.Net.Http.WebRequest" />
     <Reference Include="System.Runtime.Caching" />
-    <Reference Include="System.Xml.Linq" />
     <Reference Include="System.Data.DataSetExtensions" />
     <Reference Include="Microsoft.CSharp" />
     <Reference Include="System.Data" />
@@ -78,12 +76,8 @@
     <PackageReference Include="IdentityModel" Version="5.2.0" />
     <PackageReference Include="Microsoft.AspNet.WebApi.Client" Version="5.2.7" />
     <PackageReference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="6.14.1" />
-    <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="6.14.1" />
     <PackageReference Include="Microsoft.Owin.Security.Jwt" Version="4.2.0" />
-    <PackageReference Include="Microsoft.Owin.Security.OAuth" Version="4.2.0" />
-    <PackageReference Include="Moq" Version="4.2.1510.2205" />
-    <PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
-    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.14.1" />
+    <PackageReference Include="Newtonsoft.Json" Version="10.0.3" />
   </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
diff --git a/source/AccessTokenValidation/Properties/AssemblyInfo.cs b/source/AccessTokenValidation/Properties/AssemblyInfo.cs
index 3d09885..d96670b 100644
--- a/source/AccessTokenValidation/Properties/AssemblyInfo.cs
+++ b/source/AccessTokenValidation/Properties/AssemblyInfo.cs
@@ -20,7 +20,7 @@
 // General Information about an assembly is controlled through the following 
 // set of attributes. Change these attribute values to modify the information
 // associated with an assembly.
-[assembly: AssemblyTitle("Access Toke Validation Middleware for IdentityServer3")]
+[assembly: AssemblyTitle("Access Token Validation Middleware for IdentityServer3")]
 [assembly: AssemblyDescription("")]
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("")]
diff --git a/source/IdentityServer3.AccessTokenValidation.nuspec b/source/IdentityServer3.AccessTokenValidation.nuspec
index 6fddcf2..7e9c705 100644
--- a/source/IdentityServer3.AccessTokenValidation.nuspec
+++ b/source/IdentityServer3.AccessTokenValidation.nuspec
@@ -1,17 +1,17 @@
 <?xml version="1.0"?>
 <package >
   <metadata>
-    <id>IdentityServer3.AccessTokenValidation</id>
+    <id>BIMOne.IdentityServer3.AccessTokenValidation</id>
     <version>0.0.0</version>
-    <title>IdentityServer3 - Access Token Validation</title>
+    <title>IdentityServer3 - Access Token Validation (Upgraded for BIM Track)</title>
     <authors>Brock Allen, Dominick Baier</authors>
     <owners>Brock Allen, Dominick Baier</owners>
-    <projectUrl>https://github.com/identityserver/IdentityServer3.AccessTokenValidation</projectUrl>
+    <projectUrl>https://github.com/bimone/IdentityServer3.AccessTokenValidation</projectUrl>
     <iconUrl>https://identityserver.github.io/Documentation/assets/images/icons/IDserver_icon128.jpg</iconUrl>
     <requireLicenseAcceptance>false</requireLicenseAcceptance>
     <licenseUrl>https://github.com/IdentityServer/IdentityServer3.AccessTokenValidation/blob/master/LICENSE</licenseUrl>
     <description>Access token validation middleware for JWT and reference tokens issued by IdentityServer3.</description>
-    <copyright>Copyright 2015</copyright>
+    <copyright>Copyright 2021</copyright>
     <tags>IdentityServer OpenID Connect OpenIDConnect OAuth2 OWIN ASP.NET Katana WebApi SSO Federation Claims Identity JWT token</tags>
     
     <frameworkAssemblies>
@@ -20,13 +20,11 @@
     </frameworkAssemblies>
 
     <dependencies>
-      <dependency id="Owin" version="1.0"/>
-      <dependency id="Microsoft.Owin.Security.Jwt" version="3.0.1" />
-      <dependency id="Microsoft.AspNet.WebApi.Client" version="5.2.3" />
-      <dependency id="IdentityModel" version="[1.9.2,2.0)" />
-      <dependency id="Newtonsoft.Json" version="8.0.3" />
-      <dependency id="Microsoft.IdentityModel.Protocol.Extensions" version="1.0.2.206221351" />
-      <dependency id="System.IdentityModel.Tokens.Jwt" version="4.0.2.206221351" />
+	  <dependency id="IdentityModel" version="5.2.0" />
+      <dependency id="Microsoft.AspNet.WebApi.Client" version="5.2.7" />
+	  <dependency id="Microsoft.IdentityModel.Protocols.OpenIdConnect" version="6.14.1" />
+	  <dependency id="Microsoft.Owin.Security.Jwt" version="4.2.0" />
+      <dependency id="Newtonsoft.Json" version="10.0.0" />
     </dependencies>
   </metadata>
 </package>

From 016e388a69c970488264c1282de0a8f5cded297d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20G=C3=A9lineau?= <ismael.gelineau@bimone.com>
Date: Wed, 17 Nov 2021 18:23:01 -0500
Subject: [PATCH 06/11] include Rider files

---
 .../.idea/.gitignore                                | 13 +++++++++++++
 .../.idea/.name                                     |  1 +
 .../.idea/indexLayout.xml                           |  8 ++++++++
 .../.idea/vcs.xml                                   |  6 ++++++
 .../AccessTokenValidation.csproj.DotSettings        |  2 ++
 ...ityServer3.AccessTokenValidation.sln.DotSettings |  3 +++
 6 files changed, 33 insertions(+)
 create mode 100644 source/.idea/.idea.IdentityServer3.AccessTokenValidation/.idea/.gitignore
 create mode 100644 source/.idea/.idea.IdentityServer3.AccessTokenValidation/.idea/.name
 create mode 100644 source/.idea/.idea.IdentityServer3.AccessTokenValidation/.idea/indexLayout.xml
 create mode 100644 source/.idea/.idea.IdentityServer3.AccessTokenValidation/.idea/vcs.xml
 create mode 100644 source/AccessTokenValidation/AccessTokenValidation.csproj.DotSettings
 create mode 100644 source/IdentityServer3.AccessTokenValidation.sln.DotSettings

diff --git a/source/.idea/.idea.IdentityServer3.AccessTokenValidation/.idea/.gitignore b/source/.idea/.idea.IdentityServer3.AccessTokenValidation/.idea/.gitignore
new file mode 100644
index 0000000..2a0e20a
--- /dev/null
+++ b/source/.idea/.idea.IdentityServer3.AccessTokenValidation/.idea/.gitignore
@@ -0,0 +1,13 @@
+# Default ignored files
+/shelf/
+/workspace.xml
+# Rider ignored files
+/modules.xml
+/projectSettingsUpdater.xml
+/contentModel.xml
+/.idea.IdentityServer3.AccessTokenValidation.iml
+# Datasource local storage ignored files
+/dataSources/
+/dataSources.local.xml
+# Editor-based HTTP Client requests
+/httpRequests/
diff --git a/source/.idea/.idea.IdentityServer3.AccessTokenValidation/.idea/.name b/source/.idea/.idea.IdentityServer3.AccessTokenValidation/.idea/.name
new file mode 100644
index 0000000..0332086
--- /dev/null
+++ b/source/.idea/.idea.IdentityServer3.AccessTokenValidation/.idea/.name
@@ -0,0 +1 @@
+IdentityServer3.AccessTokenValidation
\ No newline at end of file
diff --git a/source/.idea/.idea.IdentityServer3.AccessTokenValidation/.idea/indexLayout.xml b/source/.idea/.idea.IdentityServer3.AccessTokenValidation/.idea/indexLayout.xml
new file mode 100644
index 0000000..7b08163
--- /dev/null
+++ b/source/.idea/.idea.IdentityServer3.AccessTokenValidation/.idea/indexLayout.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="UserContentModel">
+    <attachedFolders />
+    <explicitIncludes />
+    <explicitExcludes />
+  </component>
+</project>
\ No newline at end of file
diff --git a/source/.idea/.idea.IdentityServer3.AccessTokenValidation/.idea/vcs.xml b/source/.idea/.idea.IdentityServer3.AccessTokenValidation/.idea/vcs.xml
new file mode 100644
index 0000000..6c0b863
--- /dev/null
+++ b/source/.idea/.idea.IdentityServer3.AccessTokenValidation/.idea/vcs.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="VcsDirectoryMappings">
+    <mapping directory="$PROJECT_DIR$/.." vcs="Git" />
+  </component>
+</project>
\ No newline at end of file
diff --git a/source/AccessTokenValidation/AccessTokenValidation.csproj.DotSettings b/source/AccessTokenValidation/AccessTokenValidation.csproj.DotSettings
new file mode 100644
index 0000000..f6eb9d9
--- /dev/null
+++ b/source/AccessTokenValidation/AccessTokenValidation.csproj.DotSettings
@@ -0,0 +1,2 @@
+<wpf:ResourceDictionary xml:space="preserve" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:s="clr-namespace:System;assembly=mscorlib" xmlns:ss="urn:shemas-jetbrains-com:settings-storage-xaml" xmlns:wpf="http://schemas.microsoft.com/winfx/2006/xaml/presentation">
+	<s:Boolean x:Key="/Default/CodeInspection/NamespaceProvider/NamespaceFoldersToSkip/=plumbing/@EntryIndexedValue">True</s:Boolean></wpf:ResourceDictionary>
\ No newline at end of file
diff --git a/source/IdentityServer3.AccessTokenValidation.sln.DotSettings b/source/IdentityServer3.AccessTokenValidation.sln.DotSettings
new file mode 100644
index 0000000..4ff30ed
--- /dev/null
+++ b/source/IdentityServer3.AccessTokenValidation.sln.DotSettings
@@ -0,0 +1,3 @@
+<wpf:ResourceDictionary xml:space="preserve" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:s="clr-namespace:System;assembly=mscorlib" xmlns:ss="urn:shemas-jetbrains-com:settings-storage-xaml" xmlns:wpf="http://schemas.microsoft.com/winfx/2006/xaml/presentation">
+	<s:String x:Key="/Default/CodeStyle/Naming/CSharpNaming/PredefinedNamingRules/=Constants/@EntryIndexedValue">&lt;Policy Inspect="True" Prefix="" Suffix="" Style="AaBb" /&gt;</s:String>
+	<s:String x:Key="/Default/CodeStyle/Naming/CSharpNaming/PredefinedNamingRules/=PrivateConstants/@EntryIndexedValue">&lt;Policy Inspect="True" Prefix="" Suffix="" Style="AaBb" /&gt;</s:String></wpf:ResourceDictionary>
\ No newline at end of file

From b46eefc8bc1c68d9dfa399707c827947a5aba1bc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20G=C3=A9lineau?= <ismael.gelineau@bimone.com>
Date: Wed, 17 Nov 2021 18:27:06 -0500
Subject: [PATCH 07/11] migrate projects to SDK-style project format

---
 .../AccessTokenValidation.Tests.csproj        | 73 ++-----------------
 .../Properties/AssemblyInfo.cs                | 25 -------
 .../AccessTokenValidation.csproj              | 72 ++----------------
 .../Properties/AssemblyInfo.cs                | 25 -------
 4 files changed, 13 insertions(+), 182 deletions(-)

diff --git a/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj b/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
index 7092597..b24ed37 100644
--- a/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
+++ b/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
@@ -1,79 +1,30 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="12.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+<Project Sdk="Microsoft.NET.Sdk">
   <PropertyGroup>
-    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
-    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
-    <ProjectGuid>{0243A9FA-E484-43AD-A86C-F399ED79CCF3}</ProjectGuid>
-    <OutputType>Library</OutputType>
-    <AppDesignerFolder>Properties</AppDesignerFolder>
-    <RootNamespace>AccessTokenValidation.Tests</RootNamespace>
-    <AssemblyName>AccessTokenValidation.Tests</AssemblyName>
-    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
-    <FileAlignment>512</FileAlignment>
-    <TargetFrameworkProfile />
-    <NuGetPackageImportStamp>
-    </NuGetPackageImportStamp>
+    <TargetFramework>net48</TargetFramework>
+    <AssemblyTitle>AccessTokenValidation.Tests</AssemblyTitle>
+    <Company>Xero</Company>
+    <Product>AccessTokenValidation.Tests</Product>
+    <Copyright>Copyright © Xero 2014</Copyright>
+    <OutputPath>..\..\build\</OutputPath>
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
-    <DebugSymbols>true</DebugSymbols>
     <DebugType>full</DebugType>
-    <Optimize>false</Optimize>
-    <OutputPath>..\..\build\</OutputPath>
-    <DefineConstants>DEBUG;TRACE</DefineConstants>
-    <ErrorReport>prompt</ErrorReport>
-    <WarningLevel>4</WarningLevel>
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
     <DebugType>pdbonly</DebugType>
-    <Optimize>true</Optimize>
-    <OutputPath>..\..\build\</OutputPath>
-    <DefineConstants>TRACE</DefineConstants>
-    <ErrorReport>prompt</ErrorReport>
-    <WarningLevel>4</WarningLevel>
   </PropertyGroup>
   <ItemGroup>
-    <Reference Include="System" />
-    <Reference Include="System.Core" />
     <Reference Include="System.IdentityModel" />
     <Reference Include="System.Net.Http" />
     <Reference Include="System.Net.Http.WebRequest" />
-    <Reference Include="System.Xml.Linq" />
     <Reference Include="System.Data.DataSetExtensions" />
     <Reference Include="Microsoft.CSharp" />
-    <Reference Include="System.Data" />
-    <Reference Include="System.Xml" />
-  </ItemGroup>
-  <ItemGroup>
-    <Compile Include="InMemoryClaimsCacheTests.cs" />
-    <Compile Include="Integration Tests\DynamicLocal.cs" />
-    <Compile Include="Integration Tests\Introspection.cs" />
-    <Compile Include="Integration Tests\DynamicBoth.cs" />
-    <Compile Include="Integration Tests\ResponseHeaders.cs" />
-    <Compile Include="Integration Tests\StaticBoth.cs" />
-    <Compile Include="Integration Tests\StaticLocal.cs" />
-    <Compile Include="Integration Tests\TokenProvider.cs" />
-    <Compile Include="Properties\AssemblyInfo.cs" />
-    <Compile Include="Util\DiscoveryEndpointHandler.cs" />
-    <Compile Include="Util\FailureDiscoveryEndpointHandler.cs" />
-    <Compile Include="Util\IntrospectionEndpointHandler.cs" />
-    <Compile Include="Util\SuccessValidationEndointHandler.cs" />
-    <Compile Include="Util\FailureValidationEndointHandler.cs" />
-    <Compile Include="Util\PipelineFactory.cs" />
-    <Compile Include="Util\TokenFactory.cs" />
-    <Compile Include="Util\Cert.cs" />
   </ItemGroup>
   <ItemGroup>
     <EmbeddedResource Include="Util\idsrv3test.pfx" />
   </ItemGroup>
   <ItemGroup>
-    <ProjectReference Include="..\AccessTokenValidation\AccessTokenValidation.csproj">
-      <Project>{df867b5d-3a9e-443a-b95e-d8f11e2a88a3}</Project>
-      <Name>AccessTokenValidation</Name>
-    </ProjectReference>
-  </ItemGroup>
-  <ItemGroup>
-    <Service Include="{82A7F48D-3B50-4B1E-B82E-3ADA8210C358}" />
+    <ProjectReference Include="..\AccessTokenValidation\AccessTokenValidation.csproj" />
   </ItemGroup>
   <ItemGroup>
     <PackageReference Include="FluentAssertions" Version="6.2.0" />
@@ -83,12 +34,4 @@
     <PackageReference Include="xunit" Version="2.4.1" />
     <PackageReference Include="xunit.extensibility.core" Version="2.4.1" />
   </ItemGroup>
-  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
-  <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
-       Other similar extension points exist, see Microsoft.Common.targets.
-  <Target Name="BeforeBuild">
-  </Target>
-  <Target Name="AfterBuild">
-  </Target>
-  -->
 </Project>
\ No newline at end of file
diff --git a/source/AccessTokenValidation.Tests/Properties/AssemblyInfo.cs b/source/AccessTokenValidation.Tests/Properties/AssemblyInfo.cs
index 0150618..f1d10b9 100644
--- a/source/AccessTokenValidation.Tests/Properties/AssemblyInfo.cs
+++ b/source/AccessTokenValidation.Tests/Properties/AssemblyInfo.cs
@@ -1,18 +1,6 @@
 using System.Reflection;
 using System.Runtime.InteropServices;
 
-// General Information about an assembly is controlled through the following 
-// set of attributes. Change these attribute values to modify the information
-// associated with an assembly.
-[assembly: AssemblyTitle("AccessTokenValidation.Tests")]
-[assembly: AssemblyDescription("")]
-[assembly: AssemblyConfiguration("")]
-[assembly: AssemblyCompany("Xero")]
-[assembly: AssemblyProduct("AccessTokenValidation.Tests")]
-[assembly: AssemblyCopyright("Copyright © Xero 2014")]
-[assembly: AssemblyTrademark("")]
-[assembly: AssemblyCulture("")]
-
 // Setting ComVisible to false makes the types in this assembly not visible 
 // to COM components.  If you need to access a type in this assembly from 
 // COM, set the ComVisible attribute to true on that type.
@@ -20,16 +8,3 @@
 
 // The following GUID is for the ID of the typelib if this project is exposed to COM
 [assembly: Guid("647079bd-094e-4e11-abf2-0d66720c1ceb")]
-
-// Version information for an assembly consists of the following four values:
-//
-//      Major Version
-//      Minor Version 
-//      Build Number
-//      Revision
-//
-// You can specify all the values or you can default the Build and Revision Numbers 
-// by using the '*' as shown below:
-// [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("1.0.0.0")]
-[assembly: AssemblyFileVersion("1.0.0.0")]
diff --git a/source/AccessTokenValidation/AccessTokenValidation.csproj b/source/AccessTokenValidation/AccessTokenValidation.csproj
index f52422e..a20d377 100644
--- a/source/AccessTokenValidation/AccessTokenValidation.csproj
+++ b/source/AccessTokenValidation/AccessTokenValidation.csproj
@@ -1,76 +1,22 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="12.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+<Project Sdk="Microsoft.NET.Sdk">
   <PropertyGroup>
-    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
-    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
-    <ProjectGuid>{DF867B5D-3A9E-443A-B95E-D8F11E2A88A3}</ProjectGuid>
-    <OutputType>Library</OutputType>
-    <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>IdentityServer3.AccessTokenValidation</RootNamespace>
     <AssemblyName>BIMOne.IdentityServer3.AccessTokenValidation</AssemblyName>
-    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
-    <FileAlignment>512</FileAlignment>
-  </PropertyGroup>
-  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
-    <DebugSymbols>true</DebugSymbols>
-    <DebugType>full</DebugType>
-    <Optimize>false</Optimize>
-    <OutputPath>..\..\build\</OutputPath>
-    <DefineConstants>DEBUG;TRACE</DefineConstants>
-    <ErrorReport>prompt</ErrorReport>
-    <WarningLevel>4</WarningLevel>
+    <TargetFramework>net48</TargetFramework>
+    <AssemblyTitle>Access Token Validation Middleware for IdentityServer3</AssemblyTitle>
+    <Product>AccessTokenValidationMiddleware</Product>
+    <Copyright>Copyright ©  2015 Dominick Baier, Brock Allen &amp; Contributors</Copyright>
     <DocumentationFile>..\..\build\IdentityServer3.AccessTokenValidation.xml</DocumentationFile>
-  </PropertyGroup>
-  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
-    <DebugType>pdbonly</DebugType>
-    <Optimize>true</Optimize>
     <OutputPath>..\..\build\</OutputPath>
-    <DefineConstants>TRACE</DefineConstants>
-    <ErrorReport>prompt</ErrorReport>
-    <WarningLevel>4</WarningLevel>
-    <DocumentationFile>..\..\build\IdentityServer3.AccessTokenValidation.xml</DocumentationFile>
   </PropertyGroup>
   <ItemGroup>
-    <Reference Include="System.Core" />
-    <Reference Include="System.IdentityModel" />
-    <Reference Include="System.Net.Http" />
     <Reference Include="System.Net.Http.WebRequest" />
     <Reference Include="System.Runtime.Caching" />
-    <Reference Include="System.Data.DataSetExtensions" />
-    <Reference Include="Microsoft.CSharp" />
-    <Reference Include="System.Data" />
-    <Reference Include="System.Xml" />
-  </ItemGroup>
-  <ItemGroup>
-    <Compile Include="Plumbing\IdentityServerOAuthBearerAuthenticationOptions.cs" />
-    <Compile Include="IdentityServerBearerTokenAuthenticationOptions.cs" />
-    <Compile Include="IdentityServerBearerTokenValidationAppBuilderExtensions.cs" />
-    <Compile Include="IdentityServerBearerTokenValidationMiddleware.cs" />
-    <Compile Include="Plumbing\AsyncHelper.cs" />
-    <Compile Include="Plumbing\Cache.cs" />
-    <Compile Include="Plumbing\Clock.cs" />
-    <Compile Include="Plumbing\ContextTokenProvider.cs" />
-    <Compile Include="Plumbing\DiscoveryDocumentIssuerSecurityTokenProvider.cs" />
-    <Compile Include="Plumbing\EpochTimeExtensions.cs" />
-    <Compile Include="Plumbing\ICache.cs" />
-    <Compile Include="Plumbing\IClock.cs" />
-    <Compile Include="Plumbing\InMemoryValidationResultCache.cs" />
-    <Compile Include="Plumbing\IValidationResultCache.cs" />
-    <Compile Include="Plumbing\StringExtensions.cs" />
-    <Compile Include="Plumbing\IntrospectionEndpointTokenProvider.cs" />
-    <Compile Include="Plumbing\ValidationEndpointTokenProvider.cs" />
-    <Compile Include="Properties\AssemblyInfo.cs" />
-    <Compile Include="Plumbing\PreserveAccessTokenMiddleware.cs" />
-    <Compile Include="Plumbing\ScopeRequirementMiddleware.cs" />
-    <Compile Include="Plumbing\ValidationMode.cs" />
-    <Compile Include="Plumbing\ScopeRequirementOptions.cs" />
   </ItemGroup>
   <ItemGroup>
     <None Include="..\default.licenseheader">
       <Link>default.licenseheader</Link>
     </None>
-    <None Include="app.config" />
   </ItemGroup>
   <ItemGroup>
     <PackageReference Include="IdentityModel" Version="5.2.0" />
@@ -79,12 +25,4 @@
     <PackageReference Include="Microsoft.Owin.Security.Jwt" Version="4.2.0" />
     <PackageReference Include="Newtonsoft.Json" Version="10.0.3" />
   </ItemGroup>
-  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
-  <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
-       Other similar extension points exist, see Microsoft.Common.targets.
-  <Target Name="BeforeBuild">
-  </Target>
-  <Target Name="AfterBuild">
-  </Target>
-  -->
 </Project>
\ No newline at end of file
diff --git a/source/AccessTokenValidation/Properties/AssemblyInfo.cs b/source/AccessTokenValidation/Properties/AssemblyInfo.cs
index d96670b..35c6981 100644
--- a/source/AccessTokenValidation/Properties/AssemblyInfo.cs
+++ b/source/AccessTokenValidation/Properties/AssemblyInfo.cs
@@ -17,18 +17,6 @@
 using System.Reflection;
 using System.Runtime.InteropServices;
 
-// General Information about an assembly is controlled through the following 
-// set of attributes. Change these attribute values to modify the information
-// associated with an assembly.
-[assembly: AssemblyTitle("Access Token Validation Middleware for IdentityServer3")]
-[assembly: AssemblyDescription("")]
-[assembly: AssemblyConfiguration("")]
-[assembly: AssemblyCompany("")]
-[assembly: AssemblyProduct("AccessTokenValidationMiddleware")]
-[assembly: AssemblyCopyright("Copyright ©  2015 Dominick Baier, Brock Allen & Contributors")]
-[assembly: AssemblyTrademark("")]
-[assembly: AssemblyCulture("")]
-
 // Setting ComVisible to false makes the types in this assembly not visible 
 // to COM components.  If you need to access a type in this assembly from 
 // COM, set the ComVisible attribute to true on that type.
@@ -36,16 +24,3 @@
 
 // The following GUID is for the ID of the typelib if this project is exposed to COM
 [assembly: Guid("703d6b8a-e38d-4aac-a59a-1800a3686243")]
-
-// Version information for an assembly consists of the following four values:
-//
-//      Major Version
-//      Minor Version 
-//      Build Number
-//      Revision
-//
-// You can specify all the values or you can default the Build and Revision Numbers 
-// by using the '*' as shown below:
-// [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("1.0.0.0")]
-[assembly: AssemblyFileVersion("1.0.0.0")]

From 575fd21dc92043aa6d872d8947c3491f7f902ee8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20G=C3=A9lineau?= <ismael.gelineau@bimone.com>
Date: Wed, 17 Nov 2021 18:31:16 -0500
Subject: [PATCH 08/11] cleanup test csproj

---
 .../AccessTokenValidation.Tests.csproj                    | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj b/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
index b24ed37..103d6e6 100644
--- a/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
+++ b/source/AccessTokenValidation.Tests/AccessTokenValidation.Tests.csproj
@@ -7,18 +7,10 @@
     <Copyright>Copyright © Xero 2014</Copyright>
     <OutputPath>..\..\build\</OutputPath>
   </PropertyGroup>
-  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
-    <DebugType>full</DebugType>
-  </PropertyGroup>
-  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
-    <DebugType>pdbonly</DebugType>
-  </PropertyGroup>
   <ItemGroup>
     <Reference Include="System.IdentityModel" />
     <Reference Include="System.Net.Http" />
     <Reference Include="System.Net.Http.WebRequest" />
-    <Reference Include="System.Data.DataSetExtensions" />
-    <Reference Include="Microsoft.CSharp" />
   </ItemGroup>
   <ItemGroup>
     <EmbeddedResource Include="Util\idsrv3test.pfx" />

From 04e9a196733aab0197482925508fff297f71f340 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20G=C3=A9lineau?= <ismael.gelineau@bimone.com>
Date: Wed, 17 Nov 2021 18:52:39 -0500
Subject: [PATCH 09/11] a few fixes to make the build work with the new net48
 framework and the new BIMOne prefix on the assembly identity.

---
 default.ps1                                   | 16 +++++++-------
 .../AccessTokenValidation.csproj              |  8 +++----
 .../Properties/AssemblyInfo.cs                | 22 ++++++++++++++++++-
 3 files changed, 33 insertions(+), 13 deletions(-)

diff --git a/default.ps1 b/default.ps1
index 6c4e727..1a9d79f 100644
--- a/default.ps1
+++ b/default.ps1
@@ -1,7 +1,7 @@
 properties {
 	$base_directory = Resolve-Path . 
 	$src_directory = "$base_directory\source"
-	$output_directory = "$base_directory\build"
+	$output_directory = "$base_directory\build\net48"
 	$dist_directory = "$base_directory\distribution"
 	$sln_file = "$src_directory\IdentityServer3.AccessTokenValidation.sln"
 	$target_config = "Release"
@@ -52,19 +52,19 @@ task UpdateVersion {
 }
 
 task ILMerge -depends Compile {
-	$input_dlls = "$output_directory\IdentityServer.v3.AccessTokenValidation.dll"
+	$input_dlls = "$output_directory\BIMOne.IdentityServer.v3.AccessTokenValidation.dll"
 
 	Get-ChildItem -Path $output_directory -Filter *.dll |
 		foreach-object {
-			# Exclude IdentityServer3.AccessTokenValidation.dll as that will be the primary assembly
-			if ("$_" -ne "IdentityServer3.AccessTokenValidation.dll" -and 
+			# Exclude BIMOne.IdentityServer3.AccessTokenValidation.dll as that will be the primary assembly
+			if ("$_" -ne "BIMOne.IdentityServer3.AccessTokenValidation.dll" -and 
 			    "$_" -ne "Owin.dll") {
 				$input_dlls = "$input_dlls $output_directory\$_"
 			}
 	}
 
-	New-Item $dist_directory\lib\net45 -Type Directory
-	Invoke-Expression "$ilmerge_path /targetplatform:v4 /internalize:ilmerge.exclude /allowDup /target:library /out:$dist_directory\lib\net45\IdentityServer.v3.AccessTokenValidation.dll $input_dlls"
+	New-Item $dist_directory\lib\net48 -Type Directory
+	Invoke-Expression "$ilmerge_path /targetplatform:v4 /internalize:ilmerge.exclude /allowDup /target:library /out:$dist_directory\lib\net48\IdentityServer.v3.AccessTokenValidation.dll $input_dlls"
 }
 
 task CreateNuGetPackage -depends Compile {
@@ -85,8 +85,8 @@ task CreateNuGetPackage -depends Compile {
 		$packageVersion = $packageVersion + "-build" + $buildNumber.ToString().PadLeft(5,'0')
 	}
 	
-	New-Item $dist_directory\lib\net45 -Type Directory
-	copy-item $output_directory\IdentityServer3.AccessTokenValidation.* $dist_directory\lib\net45
+	New-Item $dist_directory\lib\net48 -Type Directory
+	copy-item $output_directory\BIMOne.IdentityServer3.AccessTokenValidation.* $dist_directory\lib\net48
 
 	copy-item $src_directory\IdentityServer3.AccessTokenValidation.nuspec $dist_directory
 	exec { . $nuget_path pack $dist_directory\IdentityServer3.AccessTokenValidation.nuspec -BasePath $dist_directory -o $dist_directory -version $packageVersion }
diff --git a/source/AccessTokenValidation/AccessTokenValidation.csproj b/source/AccessTokenValidation/AccessTokenValidation.csproj
index a20d377..e4bde43 100644
--- a/source/AccessTokenValidation/AccessTokenValidation.csproj
+++ b/source/AccessTokenValidation/AccessTokenValidation.csproj
@@ -3,11 +3,9 @@
     <RootNamespace>IdentityServer3.AccessTokenValidation</RootNamespace>
     <AssemblyName>BIMOne.IdentityServer3.AccessTokenValidation</AssemblyName>
     <TargetFramework>net48</TargetFramework>
-    <AssemblyTitle>Access Token Validation Middleware for IdentityServer3</AssemblyTitle>
-    <Product>AccessTokenValidationMiddleware</Product>
-    <Copyright>Copyright ©  2015 Dominick Baier, Brock Allen &amp; Contributors</Copyright>
-    <DocumentationFile>..\..\build\IdentityServer3.AccessTokenValidation.xml</DocumentationFile>
+    <DocumentationFile>..\..\build\BIMOne.IdentityServer3.AccessTokenValidation.xml</DocumentationFile>
     <OutputPath>..\..\build\</OutputPath>
+    <GenerateAssemblyInfo>false</GenerateAssemblyInfo>
   </PropertyGroup>
   <ItemGroup>
     <Reference Include="System.Net.Http.WebRequest" />
@@ -17,6 +15,8 @@
     <None Include="..\default.licenseheader">
       <Link>default.licenseheader</Link>
     </None>
+    
+    <Compile Include="../VersionAssemblyInfo.cs" />
   </ItemGroup>
   <ItemGroup>
     <PackageReference Include="IdentityModel" Version="5.2.0" />
diff --git a/source/AccessTokenValidation/Properties/AssemblyInfo.cs b/source/AccessTokenValidation/Properties/AssemblyInfo.cs
index 35c6981..866f4a7 100644
--- a/source/AccessTokenValidation/Properties/AssemblyInfo.cs
+++ b/source/AccessTokenValidation/Properties/AssemblyInfo.cs
@@ -1,4 +1,4 @@
-/*
+/*
  * Copyright 2015 Dominick Baier, Brock Allen
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,6 +17,18 @@
 using System.Reflection;
 using System.Runtime.InteropServices;
 
+// General Information about an assembly is controlled through the following 
+// set of attributes. Change these attribute values to modify the information
+// associated with an assembly.
+[assembly: AssemblyTitle("Access Token Validation Middleware for IdentityServer3")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("")]
+[assembly: AssemblyProduct("AccessTokenValidationMiddleware")]
+[assembly: AssemblyCopyright("Copyright ©  2015 Dominick Baier, Brock Allen & Contributors")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+
 // Setting ComVisible to false makes the types in this assembly not visible 
 // to COM components.  If you need to access a type in this assembly from 
 // COM, set the ComVisible attribute to true on that type.
@@ -24,3 +36,11 @@
 
 // The following GUID is for the ID of the typelib if this project is exposed to COM
 [assembly: Guid("703d6b8a-e38d-4aac-a59a-1800a3686243")]
+
+// Version information for an assembly consists of the following four values:
+//
+//      Major Version
+//      Minor Version 
+//      Build Number
+//      Revision
+//
\ No newline at end of file

From 0f31a505a8844062a904898940176bcd9080fb06 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20G=C3=A9lineau?= <ismael.gelineau@bimone.com>
Date: Wed, 17 Nov 2021 21:06:08 -0500
Subject: [PATCH 10/11] increase version; set Newtonsoft.Json dependency
 version to 11.0.2.

---
 default.ps1                                               | 2 +-
 source/AccessTokenValidation/AccessTokenValidation.csproj | 2 +-
 source/IdentityServer3.AccessTokenValidation.nuspec       | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/default.ps1 b/default.ps1
index 1a9d79f..de164ce 100644
--- a/default.ps1
+++ b/default.ps1
@@ -10,7 +10,7 @@ properties {
 	$nuget_path = "$src_directory\.nuget\nuget.exe"
 	
 	$buildNumber = 0;
-	$version = "2.15.0.0"
+	$version = "2.15.1.0"
 	$preRelease = $null
 }
 
diff --git a/source/AccessTokenValidation/AccessTokenValidation.csproj b/source/AccessTokenValidation/AccessTokenValidation.csproj
index e4bde43..e2b75a0 100644
--- a/source/AccessTokenValidation/AccessTokenValidation.csproj
+++ b/source/AccessTokenValidation/AccessTokenValidation.csproj
@@ -23,6 +23,6 @@
     <PackageReference Include="Microsoft.AspNet.WebApi.Client" Version="5.2.7" />
     <PackageReference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="6.14.1" />
     <PackageReference Include="Microsoft.Owin.Security.Jwt" Version="4.2.0" />
-    <PackageReference Include="Newtonsoft.Json" Version="10.0.3" />
+    <PackageReference Include="Newtonsoft.Json" Version="11.0.2" />
   </ItemGroup>
 </Project>
\ No newline at end of file
diff --git a/source/IdentityServer3.AccessTokenValidation.nuspec b/source/IdentityServer3.AccessTokenValidation.nuspec
index 7e9c705..9d679f0 100644
--- a/source/IdentityServer3.AccessTokenValidation.nuspec
+++ b/source/IdentityServer3.AccessTokenValidation.nuspec
@@ -4,7 +4,7 @@
     <id>BIMOne.IdentityServer3.AccessTokenValidation</id>
     <version>0.0.0</version>
     <title>IdentityServer3 - Access Token Validation (Upgraded for BIM Track)</title>
-    <authors>Brock Allen, Dominick Baier</authors>
+    <authors>BIM One</authors>
     <owners>Brock Allen, Dominick Baier</owners>
     <projectUrl>https://github.com/bimone/IdentityServer3.AccessTokenValidation</projectUrl>
     <iconUrl>https://identityserver.github.io/Documentation/assets/images/icons/IDserver_icon128.jpg</iconUrl>
@@ -24,7 +24,7 @@
       <dependency id="Microsoft.AspNet.WebApi.Client" version="5.2.7" />
 	  <dependency id="Microsoft.IdentityModel.Protocols.OpenIdConnect" version="6.14.1" />
 	  <dependency id="Microsoft.Owin.Security.Jwt" version="4.2.0" />
-      <dependency id="Newtonsoft.Json" version="10.0.0" />
+      <dependency id="Newtonsoft.Json" version="11.0.2" />
     </dependencies>
   </metadata>
 </package>

From 53bf1861556ef85fbc9d6857bdba48b6802d3e1b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20G=C3=A9lineau?= <ismael.gelineau@bimone.com>
Date: Thu, 18 Nov 2021 11:25:48 -0500
Subject: [PATCH 11/11] cleanup

---
 .../Util/TokenFactory.cs                      |  7 ++--
 ...arerTokenValidationAppBuilderExtensions.cs | 32 -------------------
 2 files changed, 2 insertions(+), 37 deletions(-)

diff --git a/source/AccessTokenValidation.Tests/Util/TokenFactory.cs b/source/AccessTokenValidation.Tests/Util/TokenFactory.cs
index 2ebdc6b..7133f1a 100644
--- a/source/AccessTokenValidation.Tests/Util/TokenFactory.cs
+++ b/source/AccessTokenValidation.Tests/Util/TokenFactory.cs
@@ -1,5 +1,4 @@
-using IdentityModel;
-using System;
+using System;
 using System.Collections.Generic;
 using System.IdentityModel.Tokens.Jwt;
 using System.Linq;
@@ -47,10 +46,8 @@ public static JwtSecurityToken CreateToken(
             }
 
             scope?.ToList().ForEach(s => additionalClaims.Add(new Claim("scope", s)));
-
-            var credential = new System.IdentityModel.Tokens.X509SigningCredentials(signingCertificate ?? DefaultSigningCertificate);
+            
             var signingKey = new SigningCredentials(new X509SecurityKey(DefaultSigningCertificate), SecurityAlgorithms.RsaSha256Signature);
-
             var token = new JwtSecurityToken(
                 issuer ?? DefaultIssuer,
                 audience ?? DefaultAudience,
diff --git a/source/AccessTokenValidation/IdentityServerBearerTokenValidationAppBuilderExtensions.cs b/source/AccessTokenValidation/IdentityServerBearerTokenValidationAppBuilderExtensions.cs
index 358003a..f5eeaa9 100644
--- a/source/AccessTokenValidation/IdentityServerBearerTokenValidationAppBuilderExtensions.cs
+++ b/source/AccessTokenValidation/IdentityServerBearerTokenValidationAppBuilderExtensions.cs
@@ -212,37 +212,5 @@ internal static Lazy<OAuthBearerAuthenticationOptions> ConfigureLocalValidation(
 
             }, LazyThreadSafetyMode.PublicationOnly);
         }
-        
-        // public delegate IEnumerable<SecurityKey> IssuerSigningKeyResolver(
-        //     string token,
-        //     SecurityToken securityToken,
-        //     string kid,
-        //     TokenValidationParameters validationParameters);
-        //
-        // private static IEnumerable<System.IdentityModel.Tokens.SecurityKey> ResolveRsaKeys(
-        //     string token, 
-        //     Microsoft.IdentityModel.Tokens.SecurityToken securityToken, 
-        //     SecurityKeyIdentifier keyIdentifier, 
-        //     TokenValidationParameters validationParameters)
-        // {
-        //     string id = null;
-        //     foreach (System.IdentityModel.Tokens.SecurityKeyIdentifierClause keyId in keyIdentifier)
-        //     {
-        //         id = keyId.Id;
-        //         /*var nk = keyId as NamedKeySecurityKeyIdentifierClause;
-        //         if (nk != null)
-        //         {
-        //             id = nk.Id;
-        //             break;
-        //         }*/
-        //     }
-        //
-        //     if (id == null) return null;
-        //
-        //     var issuerToken = validationParameters.key.IssuerSigningTokens.FirstOrDefault(it => it.Id == id);
-        //     if (issuerToken == null) return null;
-        //
-        //     return issuerToken.SecurityKeys.FirstOrDefault();
-        // }
     }
 }
\ No newline at end of file