Beispiel #1
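        /// <summary>
        /// Registers JWT bearer authentication. Binds the <c>JwtIssuerOptions</c> configuration section,
        /// loads the shared authentication key and wires that one key into both token issuance
        /// (<c>JwtIssuerOptions</c>) and token validation (<c>TokenValidationParameters</c>).
        /// </summary>
        /// <param name="services">Service collection that receives the options and authentication registrations.</param>
        /// <param name="configuration">Configuration containing a section named after <c>JwtIssuerOptions</c>.</param>
        /// <exception cref="InvalidOperationException">
        /// The configured issuer or audience is empty, or the authentication data key carries no key material.
        /// </exception>
        private static void AddJwtAuthentication(IServiceCollection services, IConfiguration configuration)
        {
            JwtIssuerOptions jwtIssuerOptions = new JwtIssuerOptions();
            configuration.GetSection(nameof(JwtIssuerOptions)).Bind(jwtIssuerOptions);

            // Fail at startup instead of running with a validator whose allow-lists contain null:
            // a missing section leaves Issuer/Audience unset and every request would be rejected
            // (or, worse, the misconfiguration would go unnoticed until tokens are issued).
            if (string.IsNullOrWhiteSpace(jwtIssuerOptions.Issuer) || string.IsNullOrWhiteSpace(jwtIssuerOptions.Audience))
            {
                throw new InvalidOperationException(
                    $"Configuration section '{nameof(JwtIssuerOptions)}' must define a non-empty Issuer and Audience.");
            }

            // NOTE(review): BuildServiceProvider() inside registration code creates a second container
            // with its own singleton instances, and this provider is never disposed (analyzer ASP0000
            // flags the pattern). It is left as-is because SetDataProtector() may keep references to
            // services resolved here; the cleaner fix is to resolve IDataKeyProvider from the real
            // container inside an options-configuration callback.
            ServiceProvider serviceProvider = services.BuildServiceProvider();

            using (IServiceScope scope = serviceProvider.CreateScope())
            {
                IServiceProvider scoped = scope.ServiceProvider;

                scoped.GetRequiredService<IDataProtector>().SetDataProtector();
                IDataKeyProvider dataKeyProvider = scoped.GetRequiredService<IDataKeyProvider>();

                // Still a blocking wait (the method is synchronous), but GetAwaiter().GetResult()
                // surfaces the provider's own exception instead of an AggregateException wrapper.
                DataKey dataKey = dataKeyProvider.GetAsync(SharedDataKeys.Authentication).GetAwaiter().GetResult();

                // Without key material the signing credentials would only blow up later, when the
                // options lambda runs on first use; refuse to start instead.
                if (dataKey.Value is null)
                {
                    throw new InvalidOperationException(
                        $"Data key '{nameof(SharedDataKeys.Authentication)}' returned no signing key.");
                }

                // HS256 is symmetric: the key that validates tokens can also mint them, so every
                // component that receives this key must be trusted to issue tokens.
                services.Configure<JwtIssuerOptions>(options =>
                {
                    options.Issuer             = jwtIssuerOptions.Issuer;
                    options.Audience           = jwtIssuerOptions.Audience;
                    options.SigningKey         = dataKey.Value;
                    options.SigningCredentials = new SigningCredentials(dataKey.Value, SecurityAlgorithms.HmacSha256);
                });

                TokenValidationParameters tokenValidationParameters = new TokenValidationParameters
                {
                    // Issuer and audience are each pinned to the single configured value.
                    ValidateIssuer   = true,
                    ValidIssuers     = new List<string> { jwtIssuerOptions.Issuer },
                    ValidateAudience = true,
                    ValidAudiences   = new List<string> { jwtIssuerOptions.Audience },

                    // Only the shared authentication key is accepted for signature checks.
                    // NOTE(review): the accepted algorithm is not pinned here; consider restricting it
                    // to HS256 via ValidAlgorithms if the referenced library version offers it.
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKeys        = new List<SecurityKey> { dataKey.Value },

                    // Tokens must carry an expiry, and it is enforced with no grace period:
                    // ClockSkew = Zero means clock drift between issuer and validator shows up
                    // directly as rejected tokens.
                    RequireExpirationTime = true,
                    ValidateLifetime      = true,
                    ClockSkew             = TimeSpan.Zero
                };

                services.AddAuthentication(options =>
                {
                    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                    options.DefaultChallengeScheme    = JwtBearerDefaults.AuthenticationScheme;
                }).AddJwtBearer(configureOptions =>
                {
                    configureOptions.TokenValidationParameters = tokenValidationParameters;

                    // SaveToken keeps the raw bearer token in the authentication properties;
                    // only needed when downstream code reads it back.
                    configureOptions.SaveToken = true;
                });
            }
        }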
Beispiel #2
        /// <summary>
        /// Encrypts <paramref name="data"/> with the key stored under <paramref name="keyName"/>.
        /// </summary>
        /// <typeparam name="T">Type of the payload handed to the encryption factory.</typeparam>
        /// <param name="data">Payload to protect.</param>
        /// <param name="keyName">Name passed to the data key provider to look up the key.</param>
        /// <returns>The value produced by <c>_encryptionFactory.Encrypt</c> for the payload and key.</returns>
        public async Task <string> ProtectAsync <T>(T data, string keyName)
        {
            // The key is looked up on every call; no key material is held by this method.
            DataKey protectionKey = await _dataKeyProvider.GetAsync(keyName);
            var     keyMaterial   = protectionKey.Value;

            return _encryptionFactory.Encrypt(data, keyMaterial);
        }
 /// <summary>
 /// Returns the data key called <paramref name="name"/> through the cache service, handing it a
 /// loader that asks the wrapped data key provider for the same name.
 /// </summary>
 /// <param name="name">Name of the data key; also used to build the <c>DataKeyCacheKey</c>.</param>
 /// <returns>The task returned by <c>_cacheService.GetOrAddAsync</c>.</returns>
 /// <remarks>
 /// NOTE(review): key material stays in the cache for as long as the cache keeps the entry, so a
 /// rotated or revoked key presumably remains in use until then. Confirm the cache's expiry policy.
 /// </remarks>
 public Task <DataKey> GetAsync(string name)
 {
     var cacheKey = new DataKeyCacheKey(name);

     return _cacheService.GetOrAddAsync(cacheKey, () => _dataKeyProvider.GetAsync(name));
 }
Beispiel #4
        /// <summary>
        /// Hashes <paramref name="data"/> with a salt derived from the data key stored under
        /// <paramref name="saltName"/>.
        /// </summary>
        /// <param name="data">Text to hash.</param>
        /// <param name="saltName">Name passed to the data key provider to look up the salt key.</param>
        /// <returns>The result of <c>_hashFactory.GenerateHashAsync</c> for the data and salt.</returns>
        /// <remarks>
        /// The salt depends only on <paramref name="saltName"/>, not on the record being hashed.
        /// Presumably that makes equal inputs hash equally, which suits lookups but not password
        /// storage. Verify against <c>GenerateHashAsync</c>.
        /// </remarks>
        public async Task <HashSet> StaticHashAsync(string data, string saltName)
        {
            DataKey saltKey = await _dataKeyProvider.GetAsync(saltName);

            // NOTE(review): decoding raw key bytes as UTF-8 is lossy. Byte sequences that are not
            // valid UTF-8 are replaced during decoding, so distinct keys can yield the same salt and
            // part of the key's entropy is discarded. A lossless encoding (Base64 or hex) would avoid
            // this, but switching changes every hash already stored, so it needs a migration.
            string salt = Encoding.UTF8.GetString(saltKey.Value.Key);

            return await _hashFactory.GenerateHashAsync(data, salt);
        }