I have created a token using one of the algorithms, say HS256. When this is passed to the resource server, I can see an implementation like the one below:
TokenValidationParameters validationParameters = new TokenValidationParameters()
{
    ValidAudience = ActiveDirectory.audience,
    ValidIssuer = ActiveDirectory.issuer,
    ValidateLifetime = true,
    ValidateIssuerSigningKey = true,
    LifetimeValidator = this.LifetimeValidator,
    IssuerSigningKey = new SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(ActiveDirectory.clientSecret))
};
Notice here that while validating the token, no algorithm is passed (it must be HS256 to compare hashing).
Now let's say I have changed the algorithm while creating the token from HS256 to HS512. Here my resource server still validates the token successfully?
Could anyone help me specify the algorithm on the resource server to validate against the token?
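
One way to pin the algorithm on the validating side, as an added example that is not part of the original post: set `ValidAlgorithms` on `TokenValidationParameters` (available in recent Microsoft.IdentityModel.Tokens releases) and compare it with parameters that leave the list unset. The secret, issuer and audience are constructed demo values, and `Issue`, `Parameters` and `Accepts` are hypothetical helper names.

```csharp
// Added example, not the poster's code. Needs the System.IdentityModel.Tokens.Jwt NuGet package.
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Text;
using Microsoft.IdentityModel.Tokens;

class AlgorithmPinningDemo
{
    // Constructed demo values; the secret is 64 bytes so the same key is long enough for HS512.
    const string Secret = "constructed-demo-secret-0123456789-0123456789-0123456789-012345!";
    const string Issuer = "https://issuer.example";
    const string Audience = "api://resource.example";
    static readonly SymmetricSecurityKey Key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Secret));

    static string Issue(string algorithm)
    {
        var token = new JwtSecurityToken(issuer: Issuer, audience: Audience,
            expires: DateTime.UtcNow.AddMinutes(5), signingCredentials: new SigningCredentials(Key, algorithm));
        return new JwtSecurityTokenHandler().WriteToken(token);
    }

    // validAlgorithms == null reproduces the question's setup: the token's own alg header decides.
    static TokenValidationParameters Parameters(string[] validAlgorithms) => new TokenValidationParameters
    {
        ValidIssuer = Issuer,
        ValidAudience = Audience,
        ValidateLifetime = true,
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = Key,
        ValidAlgorithms = validAlgorithms
    };

    static bool Accepts(string jwt, TokenValidationParameters parameters)
    {
        try { new JwtSecurityTokenHandler().ValidateToken(jwt, parameters, out _); return true; }
        catch (SecurityTokenException) { return false; }
    }

    static void Main()
    {
        string hs256 = Issue(SecurityAlgorithms.HmacSha256);
        string hs512 = Issue(SecurityAlgorithms.HmacSha512);
        var unpinned = Parameters(null);
        var pinned = Parameters(new[] { SecurityAlgorithms.HmacSha256 });
        Console.WriteLine($"unpinned, HS256 token accepted: {Accepts(hs256, unpinned)}");
        Console.WriteLine($"unpinned, HS512 token accepted: {Accepts(hs512, unpinned)}");
        Console.WriteLine($"pinned,   HS256 token accepted: {Accepts(hs256, pinned)}");
        Console.WriteLine($"pinned,   HS512 token accepted: {Accepts(hs512, pinned)}");
    }
}
```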