Microsoft.Owin.Security.OAuth Version=3.0.0 Tokens support

[horbel]

Hi all. I have Authorization server which built on .NET 4.5.1 and use Microsoft.Owin.Security.OAuth Version=3.0.0
http://prntscr.com/hvwhl4
Tokens protected via machinkey (OAuthAuthorizationServerOptions.AccessTokenFormat is null). I also have few application-consumers(resource servers) on .NET 4.5.1 which validate these tokens via custom AuthorizeAttribute (System.Web.Http Version=5.2.3.0) http://prntscr.com/hvwwdu http://prntscr.com/hvwiwr . I also can read claims from token using this attribute. All these applications have the same machinkey in web.config

Now I try to build .net core 2.0 application and I need to use the same tokens from my Auth server(.net 4.5.1 owin 3.0.0). How can I validate and read claims from Microsoft.Owin.Security.OAuth(3.0.0) tokens in .net core 2.0?

[horbel]

I think I find a kind of solution. I use AspNet.Security.OAuth.Validation assembly: http://prntscr.com/hw1u5m

But I still don't find out how to use machine key to "decode" bearer token from my Auth server

[blowdart]

This issue was moved to aspnet/Security#1592