Convert validation delegates to interfaces in Experimental namespace

src/Microsoft.IdentityModel.JsonWebTokens/Experimental/JsonWebTokenHandler.DecryptToken.cs

@@ -89,7 +89,7 @@ internal ValidationResult<string, ValidationError> DecryptToken(
             // If no key found in VP, we'll check the configuration.
             if (validationParameters.DecryptionKeyResolver != null)
             {
-                keys = validationParameters.DecryptionKeyResolver(jwtToken.EncodedToken, jwtToken, jwtToken.Kid, validationParameters, callContext);
+                keys = validationParameters.DecryptionKeyResolver.ResolveDecryptionKey(jwtToken.EncodedToken, jwtToken, jwtToken.Kid, validationParameters, callContext);
             }
             else
             {

src/Microsoft.IdentityModel.JsonWebTokens/Experimental/JsonWebTokenHandler.ValidateSignature.cs

@@ -39,13 +39,13 @@ internal static ValidationResult<SecurityKey, ValidationError> ValidateSignature
                     nameof(validationParameters),
                     ValidationError.GetCurrentStackFrame());
 
-            // Delegate is set by the user, we call it and return the result.
+            // Validator is set by the user, we call it and return the result.
             if (validationParameters.SignatureValidator is not null)
             {
                 try
                 {
                     ValidationResult<SecurityKey, ValidationError> signatureValidationResult =
-                        validationParameters.SignatureValidator(
+                        validationParameters.SignatureValidator.ValidateSignature(
                             jwtToken,
                             validationParameters,
                             configuration,
@@ -79,7 +79,7 @@ internal static ValidationResult<SecurityKey, ValidationError> ValidateSignature
             SecurityKey? key = null;
             if (validationParameters.SignatureKeyResolver is not null)
             {
-                key = validationParameters.SignatureKeyResolver(
+                key = validationParameters.SignatureKeyResolver.ResolveSignatureKey(
                     jwtToken.EncodedToken,
                     jwtToken,
                     jwtToken.Kid,

src/Microsoft.IdentityModel.JsonWebTokens/Experimental/JwtTokenUtilities.DecryptTokenResult.cs

@@ -60,7 +60,7 @@ internal static ValidationResult<string, ValidationError> DecryptJwtToken(
                         continue;
                     }
 
-                    ValidationResult<string, ValidationError> result = validationParameters.AlgorithmValidator(zipAlgorithm, jsonWebToken, validationParameters, callContext);
+                    ValidationResult<string, ValidationError> result = validationParameters.AlgorithmValidator.ValidateAlgorithm(zipAlgorithm, jsonWebToken, validationParameters, callContext);
                     if (!result.Succeeded)
                     {
                         (exceptionStrings ??= new StringBuilder()).AppendLine(result.Error!.MessageDetail.Message);

src/Microsoft.IdentityModel.Tokens.Saml/Saml/Experimental/SamlTokenUtilities.Experimental.cs

@@ -76,12 +76,12 @@ internal static ValidationResult<SecurityKey, ValidationError> ValidateSignature
                     ValidationError.GetCurrentStackFrame());
             }
 
-            // Delegate is set by the user, we call it and return the result.
+            // Validator is set by the user, we call it and return the result.
             if (validationParameters.SignatureValidator is not null)
             {
                 try
                 {
-                    return validationParameters.SignatureValidator(
+                    return validationParameters.SignatureValidator.ValidateSignature(
                         securityToken,
                         validationParameters,
                         configuration,
@@ -113,7 +113,7 @@ internal static ValidationResult<SecurityKey, ValidationError> ValidateSignature
             SecurityKey key = null;
             if (validationParameters.SignatureKeyResolver is not null)
             {
-                key = validationParameters.SignatureKeyResolver(
+                key = validationParameters.SignatureKeyResolver.ResolveSignatureKey(
                     canonicalString,
                     securityToken,
                     signature.KeyInfo?.Id,

src/Microsoft.IdentityModel.Tokens/Experimental/DefaultValidators.cs

@@ -0,0 +1,126 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using System.Collections.Generic;
+using System.Threading.Tasks;
+using System.Threading;
+using System;
+
+#nullable enable
+namespace Microsoft.IdentityModel.Tokens.Experimental
+{
+    /// <summary>
+    /// Default implementation of <see cref="IAlgorithmValidator"/> that uses the static Validators.ValidateAlgorithm method.
+    /// </summary>
+    internal class DefaultAlgorithmValidator : IAlgorithmValidator
+    {
+        /// <inheritdoc/>
+        public ValidationResult<string, ValidationError> ValidateAlgorithm(
+            string? algorithm,
+            SecurityToken securityToken,
+            ValidationParameters validationParameters,
+            CallContext callContext)
+        {
+            return Validators.ValidateAlgorithm(algorithm, securityToken, validationParameters, callContext);
+        }
+    }
+
+    /// <summary>
+    /// Default implementation of <see cref="IAudienceValidator"/> that uses the static Validators.ValidateAudience method.
+    /// </summary>
+    internal class DefaultAudienceValidator : IAudienceValidator
+    {
+        /// <inheritdoc/>
+        public ValidationResult<string, ValidationError> ValidateAudience(
+            IList<string> tokenAudiences,
+            SecurityToken? securityToken,
+            ValidationParameters validationParameters,
+            CallContext callContext)
+        {
+            return Validators.ValidateAudience(tokenAudiences, securityToken, validationParameters, callContext);
+        }
+    }
+
+    /// <summary>
+    /// Default implementation of <see cref="IIssuerValidator"/> that uses the static Validators.ValidateIssuerAsync method.
+    /// </summary>
+    internal class DefaultIssuerValidator : IIssuerValidator
+    {
+        /// <inheritdoc/>
+        public Task<ValidationResult<ValidatedIssuer, ValidationError>> ValidateIssuerAsync(
+            string issuer,
+            SecurityToken securityToken,
+            ValidationParameters validationParameters,
+            CallContext callContext,
+            CancellationToken cancellationToken)
+        {
+            return Validators.ValidateIssuerAsync(issuer, securityToken, validationParameters, callContext, cancellationToken);
+        }
+    }
+
+    /// <summary>
+    /// Default implementation of <see cref="ISignatureKeyValidator"/> that uses the static Validators.ValidateSignatureKey method.
+    /// </summary>
+    internal class DefaultSignatureKeyValidator : ISignatureKeyValidator
+    {
+        /// <inheritdoc/>
+        public ValidationResult<ValidatedSignatureKey, ValidationError> ValidateSignatureKey(
+            SecurityKey signingKey,
+            SecurityToken securityToken,
+            ValidationParameters validationParameters,
+            CallContext callContext)
+        {
+            return Validators.ValidateSignatureKey(signingKey, securityToken, validationParameters, callContext);
+        }
+    }
+
+    /// <summary>
+    /// Default implementation of <see cref="ILifetimeValidator"/> that uses the static Validators.ValidateLifetime method.
+    /// </summary>
+    internal class DefaultLifetimeValidator : ILifetimeValidator
+    {
+        /// <inheritdoc/>
+        public ValidationResult<ValidatedLifetime, ValidationError> ValidateLifetime(
+            DateTime? notBefore,
+            DateTime? expires,
+            SecurityToken? securityToken,
+            ValidationParameters validationParameters,
+            CallContext callContext)
+        {
+            return Validators.ValidateLifetime(notBefore, expires, securityToken, validationParameters, callContext);
+        }
+    }
+
+    /// <summary>
+    /// Default implementation of <see cref="ITokenReplayValidator"/> that uses the static Validators.ValidateTokenReplay method.
+    /// </summary>
+    internal class DefaultTokenReplayValidator : ITokenReplayValidator
+    {
+        /// <inheritdoc/>
+        public ValidationResult<DateTime?, ValidationError> ValidateTokenReplay(
+            DateTime? expirationTime,
+            string securityToken,
+            ValidationParameters validationParameters,
+            CallContext callContext)
+        {
+            return Validators.ValidateTokenReplay(expirationTime, securityToken, validationParameters, callContext);
+        }
+    }
+
+    /// <summary>
+    /// Default implementation of <see cref="ITokenTypeValidator"/> that uses the static Validators.ValidateTokenType method.
+    /// </summary>
+    internal class DefaultTokenTypeValidator : ITokenTypeValidator
+    {
+        /// <inheritdoc/>
+        public ValidationResult<ValidatedTokenType, ValidationError> ValidateTokenType(
+            string? type,
+            SecurityToken? securityToken,
+            ValidationParameters validationParameters,
+            CallContext callContext)
+        {
+            return Validators.ValidateTokenType(type, securityToken, validationParameters, callContext);
+        }
+    }
+}
+#nullable restore