From 25d0d07ee96ff714bda0bc745d4f84e7f03a4d87 Mon Sep 17 00:00:00 2001
From: Westin Musser <westinmusser@microsoft.com>
Date: Wed, 12 Jun 2024 14:21:54 -0700
Subject: [PATCH 1/3] add base methods

---
 .../TokenHandler.cs                           | 31 +++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/src/Microsoft.IdentityModel.Tokens/TokenHandler.cs b/src/Microsoft.IdentityModel.Tokens/TokenHandler.cs
index bba4f7c69b..26ceca7b30 100644
--- a/src/Microsoft.IdentityModel.Tokens/TokenHandler.cs
+++ b/src/Microsoft.IdentityModel.Tokens/TokenHandler.cs
@@ -5,6 +5,7 @@
 using System;
 using System.ComponentModel;
 using System.Security.Claims;
+using System.Text.Json;
 using System.Threading.Tasks;
 using static Microsoft.IdentityModel.Logging.LogHelper;
 
@@ -53,8 +54,23 @@ public int TokenLifetimeInMinutes
             set => _defaultTokenLifetimeInMinutes = (value < 1) ? throw LogExceptionMessage(new ArgumentOutOfRangeException(nameof(value), FormatInvariant(LogMessages.IDX10104, LogHelper.MarkAsNonPII(value)))) : value;
         }
 
+        /// <summary>
+        /// Gets the <see cref="JsonTokenType"/> of the token.
+        /// </summary>
+        public JsonTokenType TokenType { get; }
+
         #region methods
 
+        /// <summary>
+        /// Validates a token.
+        /// On a validation failure, no exception will be thrown; instead, the exception will be set in the returned TokenValidationResult.Exception property.
+        /// Callers should always check the TokenValidationResult.IsValid property to verify the validity of the result.
+        /// </summary>
+        /// <param name="token">The token to be validated.</param>
+        /// <param name="validationParameters">A <see cref="TokenValidationParameters"/> required for validation.</param>
+        /// <returns>A <see cref="TokenValidationResult"/></returns>
+        public virtual TokenValidationResult ValidateToken(string token, TokenValidationParameters validationParameters) => throw new NotImplementedException();
+
         /// <summary>
         /// Validates a token.
         /// On a validation failure, no exception will be thrown; instead, the exception will be set in the returned TokenValidationResult.Exception property.
@@ -75,6 +91,21 @@ public int TokenLifetimeInMinutes
         /// <returns>A <see cref="TokenValidationResult"/></returns>
         public virtual Task<TokenValidationResult> ValidateTokenAsync(SecurityToken token, TokenValidationParameters validationParameters) => throw new NotImplementedException();
 
+        /// <summary>
+        /// Evaluates whether a token can be converted into an instance of <see cref="SecurityToken"/>.
+        /// </summary>
+        /// <param name="token">The string to be evaluated.</param>
+        /// <returns>A <see cref="bool"/>.</returns>
+        public virtual bool CanReadToken(string token) => throw new NotImplementedException();
+
+        /// <summary>
+        /// Creates a token as described by the provided <see cref="SecurityTokenDescriptor"/>.
+        /// </summary>
+        /// <param name="tokenDescriptor">The <see cref="SecurityTokenDescriptor"/> used to create the token.</param>
+        /// <returns>A <see cref="string"/>.</returns>
+        /// <exception cref="NotImplementedException"></exception>
+        public virtual string CreateToken(SecurityTokenDescriptor tokenDescriptor) => throw new NotImplementedException();
+
         /// <summary>
         /// Converts a string into an instance of <see cref="SecurityToken"/>.
         /// </summary>

From 57388150efc876b1b8c285dcb126e4a69ac99992 Mon Sep 17 00:00:00 2001
From: Westin Musser <westinmusser@microsoft.com>
Date: Fri, 14 Jun 2024 12:27:05 -0700
Subject: [PATCH 2/3] update names of base methods

---
 .../JsonWebTokenHandler.cs                    |  2 +-
 .../SecurityTokenHandler.cs                   | 11 ------
 .../TokenHandler.cs                           | 34 +++++++------------
 .../json/JsonWebTokenHandler.cs               |  2 +-
 4 files changed, 15 insertions(+), 34 deletions(-)

diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.cs b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.cs
index cf4ad2e264..771140bdb2 100644
--- a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.cs
+++ b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.cs
@@ -137,7 +137,7 @@ public IDictionary<string, string> InboundClaimTypeMap
         /// <para>'false' if token.Length is greater than <see cref="TokenHandler.MaximumTokenSizeInBytes"/>.</para>
         /// <para>'true' if the token is in JSON compact serialization format.</para>
         /// </returns>
-        public virtual bool CanReadToken(string token)
+        public override bool CanReadToken(string token)
         {
             if (string.IsNullOrWhiteSpace(token))
                 return false;
diff --git a/src/Microsoft.IdentityModel.Tokens/SecurityTokenHandler.cs b/src/Microsoft.IdentityModel.Tokens/SecurityTokenHandler.cs
index c7d48322a1..2bb78bc0ce 100644
--- a/src/Microsoft.IdentityModel.Tokens/SecurityTokenHandler.cs
+++ b/src/Microsoft.IdentityModel.Tokens/SecurityTokenHandler.cs
@@ -79,17 +79,6 @@ public virtual bool CanReadToken(XmlReader reader)
             return false;
         }
 
-        /// <summary>
-        /// Indicates whether the current token string can be read as a token 
-        /// of the type handled by this instance.
-        /// </summary>
-        /// <param name="tokenString">The token string thats needs to be read.</param>
-        /// <returns>'True' if the ReadToken method can parse the token string.</returns>
-        public virtual bool CanReadToken(string tokenString)
-        {
-            return false;
-        }
-
         /// <summary>
         /// Gets security token.
         /// </summary>
diff --git a/src/Microsoft.IdentityModel.Tokens/TokenHandler.cs b/src/Microsoft.IdentityModel.Tokens/TokenHandler.cs
index 26ceca7b30..89bb653523 100644
--- a/src/Microsoft.IdentityModel.Tokens/TokenHandler.cs
+++ b/src/Microsoft.IdentityModel.Tokens/TokenHandler.cs
@@ -54,23 +54,8 @@ public int TokenLifetimeInMinutes
             set => _defaultTokenLifetimeInMinutes = (value < 1) ? throw LogExceptionMessage(new ArgumentOutOfRangeException(nameof(value), FormatInvariant(LogMessages.IDX10104, LogHelper.MarkAsNonPII(value)))) : value;
         }
 
-        /// <summary>
-        /// Gets the <see cref="JsonTokenType"/> of the token.
-        /// </summary>
-        public JsonTokenType TokenType { get; }
-
         #region methods
 
-        /// <summary>
-        /// Validates a token.
-        /// On a validation failure, no exception will be thrown; instead, the exception will be set in the returned TokenValidationResult.Exception property.
-        /// Callers should always check the TokenValidationResult.IsValid property to verify the validity of the result.
-        /// </summary>
-        /// <param name="token">The token to be validated.</param>
-        /// <param name="validationParameters">A <see cref="TokenValidationParameters"/> required for validation.</param>
-        /// <returns>A <see cref="TokenValidationResult"/></returns>
-        public virtual TokenValidationResult ValidateToken(string token, TokenValidationParameters validationParameters) => throw new NotImplementedException();
-
         /// <summary>
         /// Validates a token.
         /// On a validation failure, no exception will be thrown; instead, the exception will be set in the returned TokenValidationResult.Exception property.
@@ -92,20 +77,27 @@ public int TokenLifetimeInMinutes
         public virtual Task<TokenValidationResult> ValidateTokenAsync(SecurityToken token, TokenValidationParameters validationParameters) => throw new NotImplementedException();
 
         /// <summary>
-        /// Evaluates whether a token can be converted into an instance of <see cref="SecurityToken"/>.
+        /// Indicates whether the current token string can be read as a token 
+        /// of the type handled by this instance.
         /// </summary>
-        /// <param name="token">The string to be evaluated.</param>
-        /// <returns>A <see cref="bool"/>.</returns>
-        public virtual bool CanReadToken(string token) => throw new NotImplementedException();
+        /// <param name="tokenString">The token string thats needs to be read.</param>
+        /// <returns>'True' if the ReadToken method can parse the token string.</returns>
+        public virtual bool CanReadToken(string tokenString) => false;
 
         /// <summary>
-        /// Creates a token as described by the provided <see cref="SecurityTokenDescriptor"/>.
+        /// Creates a <see cref="SecurityToken"/> as a <see cref="string"/> as described by the provided <see cref="SecurityTokenDescriptor"/>.
         /// </summary>
         /// <param name="tokenDescriptor">The <see cref="SecurityTokenDescriptor"/> used to create the token.</param>
         /// <returns>A <see cref="string"/>.</returns>
         /// <exception cref="NotImplementedException"></exception>
-        public virtual string CreateToken(SecurityTokenDescriptor tokenDescriptor) => throw new NotImplementedException();
+        public virtual string CreateSecuritTokenAsString(SecurityTokenDescriptor tokenDescriptor) => throw new NotImplementedException();
 
+        /// <summary>
+        /// Creates a <see cref="SecurityToken"/> as described by the provided <see cref="SecurityTokenDescriptor"/>.
+        /// </summary>
+        /// <param name="tokenDescriptor"><see cref="SecurityTokenDescriptor"/></param>
+        public virtual SecurityToken CreateSecurityToken(SecurityTokenDescriptor tokenDescriptor) => throw new NotImplementedException();
+        
         /// <summary>
         /// Converts a string into an instance of <see cref="SecurityToken"/>.
         /// </summary>
diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/json/JsonWebTokenHandler.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/json/JsonWebTokenHandler.cs
index 9f0a37702a..c1b41bd032 100644
--- a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/json/JsonWebTokenHandler.cs
+++ b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/json/JsonWebTokenHandler.cs
@@ -152,7 +152,7 @@ internal static IDictionary<string, object> AddCtyClaimDefaultValue(IDictionary<
         /// <para>'false' if token.Length is greater than <see cref="TokenHandler.MaximumTokenSizeInBytes"/>.</para>
         /// <para>'true' if the token is in JSON compact serialization format.</para>
         /// </returns>
-        public virtual bool CanReadToken(string token)
+        public override bool CanReadToken(string token)
         {
             if (string.IsNullOrWhiteSpace(token))
                 return false;

From e96c148b2f1f2f96d2f649a88fea1e7ca456ae3e Mon Sep 17 00:00:00 2001
From: Westin Musser <westinmusser@microsoft.com>
Date: Fri, 14 Jun 2024 12:53:18 -0700
Subject: [PATCH 3/3] typo

---
 src/Microsoft.IdentityModel.Tokens/TokenHandler.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Microsoft.IdentityModel.Tokens/TokenHandler.cs b/src/Microsoft.IdentityModel.Tokens/TokenHandler.cs
index 89bb653523..11c62d48cd 100644
--- a/src/Microsoft.IdentityModel.Tokens/TokenHandler.cs
+++ b/src/Microsoft.IdentityModel.Tokens/TokenHandler.cs
@@ -90,7 +90,7 @@ public int TokenLifetimeInMinutes
         /// <param name="tokenDescriptor">The <see cref="SecurityTokenDescriptor"/> used to create the token.</param>
         /// <returns>A <see cref="string"/>.</returns>
         /// <exception cref="NotImplementedException"></exception>
-        public virtual string CreateSecuritTokenAsString(SecurityTokenDescriptor tokenDescriptor) => throw new NotImplementedException();
+        public virtual string CreateSecurityTokenAsString(SecurityTokenDescriptor tokenDescriptor) => throw new NotImplementedException();
 
         /// <summary>
         /// Creates a <see cref="SecurityToken"/> as described by the provided <see cref="SecurityTokenDescriptor"/>.