I have the code below:
var tokenDescriptor = new SecurityTokenDescriptor()
{
NotBefore = DateTime.UtcNow,
Expires = DateTime.UtcNow.AddSeconds(client.AccessTokenLifetime),
Issuer = issuer,
Audience = (await _apiResourcesStore.FindByScopesNameAsync(tokenRequest.Scope.Split(" ").ToList())).Select(p => p.Name).ToArray(),
}
and I want add multiple audiences, but Audience type is string. Is there any way to cheat the token descriptor? Or maybe there is an alternative for token descriptor?
I did it and now it's working:
var tokenDescriptor = new SecurityTokenDescriptor()
{
NotBefore = DateTime.UtcNow,
Expires = DateTime.UtcNow.AddSeconds(client.AccessTokenLifetime),
Issuer = issuer,
Claims = new Dictionary<string, object>
{
{ JwtRegisteredClaimNames.Aud, (await _apiResourcesStore.FindByScopesNameAsync(tokenRequest.Scope.Split(" ").ToList())).Select(p => p.Name).ToArray() }
}
};
I just added new Claim.