This project has moved and is read-only. For the latest updates, please go here.

ValidatingIssuerNameRegistry in OWIN Middleware

Mar 24, 2015 at 11:45 PM
I'm in the process of converting a Web API project that uses WsFederation against an ADFS server over to NancyFX. As part of this I am using the newer Microsoft.Owin.Security.WsFederation middleware as follows (certain fields left blank intentionally):
app.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
                MetadataAddress = "",
                Wtrealm = "",
                TokenValidationParameters = new TokenValidationParameters
                    ValidateIssuer = false,
                    ValidateAudience = false,
                    ValidateIssuerSigningKey = false
This seems to work fine, I get redirected to our ADFS server and I can authenticate without issues. However, as you can see I am not validating the issuer which currently I can't seem to get working. In the current Web API project, we are using ValidatingIssuerNameRegistry, configured in the web.config as follows:
<issuerNameRegistry type="System.IdentityModel.Tokens.ValidatingIssuerNameRegistry, System.IdentityModel.Tokens.ValidatingIssuerNameRegistry">
        <authority name="">
            <add thumbprint="" />
            <add name="" />
My question is, how do I port this over to the new OWIN middleware components?