private void AddAuthentication(IServiceCollection services, AuthenticationOptions authenticationOptions) { services.Configure <AuthenticationOptions>(_configuration.GetSection("Authentication")); services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(o => { o.Authority = authenticationOptions.Authority; o.Audience = authenticationOptions.ClientId; }); services.AddSingleton <IClaimsTransformation, ScopeClaimSplitTransformation>(); }
public void ConfigureServices(IServiceCollection services) { services.AddControllers(); AuthenticationOptions authenticationOptions = _configuration.GetSection("Authentication").Get <AuthenticationOptions>(); AddAuthentication(services, authenticationOptions); AddAuthorization(services); AddSwagger(services, authenticationOptions); }
private static void AddSwagger(IServiceCollection services, AuthenticationOptions authenticationOptions) { services.AddSwaggerGen(o => { // Setup our document's basic info o.SwaggerDoc("v1", new OpenApiInfo { Title = "Joy API", Version = "1.0" }); // Define that the API requires OAuth 2 tokens o.AddSecurityDefinition("aad-jwt", new OpenApiSecurityScheme { Type = SecuritySchemeType.OAuth2, Flows = new OpenApiOAuthFlows { // We only define implicit though the UI does support authorization code, client credentials and password grants // We don't use authorization code here because it requires a client secret, which makes this sample more complicated by introducing secret management // Client credentials could work, but not when the UI client id == API client id. We'd need a separate registration and granting app permissions to that. And also needs a secret. // Password grant we don't use because... you shouldn't be using it. Implicit = new OpenApiOAuthFlow { AuthorizationUrl = new Uri(authenticationOptions.AuthorizationUrl), Scopes = DelegatedPermissions.All.ToDictionary(p => $"{authenticationOptions.ApplicationIdUri}/{p}") } } }); // Add security requirements to operations based on [Authorize] attributes o.OperationFilter <OAuthSecurityRequirementOperationFilter>(); // Include XML comments to documentation //string xmlDocFilePath = Path.Combine(PlatformServices.Default.Application.ApplicationBasePath, "AADIdentityService.API.xml"); //o.IncludeXmlComments(xmlDocFilePath); }); }