@jamie.hughes pointed me to this gist that might be useful if you want to use RS256:
It’s not a direct fit, but can basically replace lines 48-54 with
Thread.CurrentPrincipal = tokenHandler.ValidateToken(token, validationParameters, out securityToken);
If you create the TokenValidationParameters instance every time you will be loading an external certificate an unnecessary number of times. You might want to cache the instance with an IoC framework, but that’s up to you.