I had a requirement to use AD authentication for a Web API. I implemented it using "WindowsAzureActiveDirectoryBearerAuthenticationOptions", but I am getting the below error at ValidateToken when I hit it with the client:

IDX10500: Signature validation failed. Unable to resolve SecurityKeyIdentifier: 'SecurityKeyIdentifier
(
IsReadOnly = False,
Count = 2,
Clause[0] = X509ThumbprintKeyIdentifierClause(Hash = 0x8818CBD5172ACE18B2E1FA71231759AA884CD989),
Clause[1] = System.IdentityModel.Tokens.NamedKeySecurityKeyIdentifierClause
)
',
token: {-------------------}

What I have tried:

Below is my startup file:

public void Configuration(IAppBuilder app)
{
    HttpConfiguration config = new HttpConfiguration();
    ConfigureAuth(app);
    WebApiConfig.Register(config);
    app.UseCors(CorsOptions.AllowAll);
    app.UseWebApi(config);
}

private void ConfigureAuth(IAppBuilder app)
{
    // GetX509Certificate is the poster's own helper (not shown); it loads the certificate by thumbprint.
    var _x509DataProtector = GetX509Certificate(ConfigurationManager.AppSettings["CertificateThumbPrint"]);
    app.UseWindowsAzureActiveDirectoryBearerAuthentication(
        new WindowsAzureActiveDirectoryBearerAuthenticationOptions
        {
            TokenValidationParameters = new System.IdentityModel.Tokens.TokenValidationParameters
            {
                ValidIssuers = ConfigurationManager.AppSettings["Audience"].Split(','),
                ValidateIssuer = true,
                SaveSigninToken = false,
                // "new" was missing here in the original snippet; without it this line does not compile.
                IssuerSigningKey = new X509AsymmetricSecurityKey(_x509DataProtector),
            },
            Tenant = ConfigurationManager.AppSettings["Tenant"],
            Provider = new OAuthBearerProvider()
        });
}


Below is the class where I want to validate the token:

public class OAuthBearerProvider : OAuthBearerAuthenticationProvider
{
    public override Task RequestToken(OAuthRequestTokenContext context)
    {
        try
        {
            var tokenHandler = new JwtSecurityTokenHandler();
            SecurityToken securityToken;

            var _x509DataProtector = GetX509Certificate(ConfigurationManager.AppSettings["CertificateThumbPrint"]);

            var validationParameters = new TokenValidationParameters()
            {
                ValidateAudience = true,
                ValidAudiences = ConfigurationManager.AppSettings["Audience"].Split(','),
                IssuerSigningKey = new X509SecurityKey(_x509DataProtector),
            };

            var auth = context.OwinContext.Request.Headers["Authorization"];

            if (!string.IsNullOrWhiteSpace(auth) && auth.Contains("Bearer"))
            {
                var token = auth.Split(' ')[1];

                var pr = tokenHandler.CanValidateToken;
                // I am getting the above error at this line
                var principal = tokenHandler.ValidateToken(token, validationParameters, out securityToken);

                context.Request.User = principal;
            }
        }
        catch (Exception ex)
        {
            var message = ex.Message;
            return Task.FromResult<object>(context);
        }
        return Task.FromResult<object>(context);
    }

    public override Task ValidateIdentity(OAuthValidateIdentityContext context)
    {
        return Task.FromResult<object>(context);
    }
}


I had referred to some tutorial regarding asymmetric RSA256 where a public key is passed for IssuerSigningToken. Here, can I assume the public key is the client's app ID? If that is true, how can I assign it to IssuerSigningToken or IssuerSigningKey in TokenValidationParameters?
Updated 27-May-18 19:07pm
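For contrast with the question's setup, here is an added example (not the poster's code) of validating an Azure AD bearer token against the keys Azure AD actually signs with. The signing key is not derived from the caller's app ID; it is the tenant's published signing certificate, fetched from the OpenID Connect metadata document, while the API's own App ID URI is the audience. It assumes the v4 System.IdentityModel.Tokens.Jwt and Microsoft.IdentityModel.Protocols 1.x packages that the question's namespaces indicate, and the tenant and audience values are placeholders.

```csharp
using System;
using System.IdentityModel.Tokens;
using System.Security.Claims;
using System.Threading;
using Microsoft.IdentityModel.Protocols;

public static class AzureAdTokenValidator
{
    // Placeholder values: the tenant and this Web API's own App ID URI (the expected "aud" claim).
    const string Tenant = "contoso.onmicrosoft.com";
    const string Audience = "https://contoso.onmicrosoft.com/my-web-api";

    // Azure AD publishes its current signing certificates in the tenant's metadata document;
    // ConfigurationManager caches it and refreshes it when keys roll over.
    static readonly ConfigurationManager<OpenIdConnectConfiguration> Metadata =
        new ConfigurationManager<OpenIdConnectConfiguration>(
            "https://login.microsoftonline.com/" + Tenant + "/.well-known/openid-configuration");

    // Returns the validated principal, or null when the header or token must be rejected.
    public static ClaimsPrincipal Validate(string authorizationHeader)
    {
        // Require a well-formed "Bearer <token>" scheme; Contains("Bearer") would also accept malformed headers.
        if (authorizationHeader == null ||
            !authorizationHeader.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase))
            return null;
        string token = authorizationHeader.Substring("Bearer ".Length).Trim();

        OpenIdConnectConfiguration config = Metadata.GetConfigurationAsync(CancellationToken.None).Result;

        var parameters = new TokenValidationParameters
        {
            ValidIssuer = config.Issuer,                // e.g. https://sts.windows.net/<tenant-guid>/
            ValidAudience = Audience,                   // this API's identifier, not the client's app ID
            IssuerSigningTokens = config.SigningTokens, // issuer public keys, matched by the token's kid/x5t
            ValidateLifetime = true,
        };

        var handler = new JwtSecurityTokenHandler();
        SecurityToken validated;
        try
        {
            return handler.ValidateToken(token, parameters, out validated);
        }
        catch (SecurityTokenValidationException)
        {
            // Signature, issuer, audience or lifetime check failed: reject rather than continue as anonymous.
            return null;
        }
    }
}
```

Unlike the catch block in the question, a failed validation here never falls through to a request that still has the unverified token attached.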
Comments
Nathan Minier 29-May-18 8:57am
There are potentially a million separate pitfalls that could be affecting your service, many of them at the Ops/SA level.

Do you currently use PKI for authentication in your Enterprise environment? If so, is it configured to authenticate only using certs, or do you have a PW option?

Do you have a workflow at the enterprise level to generate and distribute certificate pairs? Did the cert you're trying to use come from those channels, or is it part of a test rig?

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)