public static IServiceCollection AddCSharpJWTAuthentication(this IServiceCollection services,
Action <TokenValidationOptions> options = null)
{
var validationOptions = new TokenValidationOptions(Configuration.Issuer, Configuration.SecurityKey);
options?.Invoke(validationOptions);
services.AddSingleton(validationOptions);
//https://medium.com/faun/asp-net-core-entity-framework-core-with-postgresql-code-first-d99b909796d7
services.AddAuthentication(opts =>
{
opts.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
opts.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
opts.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(opts =>
{
opts.TokenValidationParameters = validationOptions.GenerateTokenValidationParameters();
});
services.AddSingleton <ICSharpAuthenticateService, CSharpAuthenticateService>();
services.AddHttpClient(Constant.CSharpAuthenticateService, c => c.BaseAddress = new Uri(Configuration.Issuer))
.SetHandlerLifetime(TimeSpan.FromSeconds(5));
return(services);
}
public CSharpAuthenticateServiceBase(IHttpClientFactory clientFactory,
TokenValidationOptions options)
{
_client = clientFactory.CreateClient(Constant.CSharpAuthenticateService);
_options = options;
}
public IdentityService(IdentityClient identityClient, IHttpContextAccessor httpContextAccessor,
IOptions <TokenValidationOptions> optionsAccessor)
{
IdentityClient = identityClient;
//HttpContextAccessor = httpContextAccessor;
TokenValidationOptions = optionsAccessor.Value;
HttpContext = httpContextAccessor.HttpContext;
Client = IdentityClient.Client;
}
private static void ConfigureJwtBearerAuthentication(IApplicationBuilder app)
{
TokenValidationOptions tokenValidationOptions = app.ApplicationServices.GetService <IOptions <TokenValidationOptions> >().Value;
app.UseJwtBearerAuthentication(new JwtBearerOptions()
{
AutomaticAuthenticate = true,
AutomaticChallenge = true,
TokenValidationParameters = new TokenValidationParameters()
{
ValidIssuer = tokenValidationOptions.Issuer,
ValidAudience = tokenValidationOptions.Audience,
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(tokenValidationOptions.IssuerSigningKey)),
ValidateLifetime = true
}
});
}
public override void Configure(IFunctionsHostBuilder builder)
{
builder.Services.AddConfiguration();
builder.Services.AddHttpClient();
builder.Services.AddTransient <ITokenService, TokenService>();
builder.Services.AddTransient <IIdentityService, IdentityService>();
builder.Services.AddTransient <ITokenValidatorService, TokenValidatorService>();
builder.Services.AddSingleton <IAzureAdb2COptions>((provider) =>
{
var config = provider.GetService <IConfiguration>();
var prefix = "Adb2c";
var options = new AzureAdb2COptions
{
ClientId = config[$"{prefix}:ClientId"],
Tenant = config[$"{prefix}:Tenant"],
SignUpSignInPolicyId = config[$"{prefix}:SignUpSignInPolicyId"],
ResetPasswordPolicyId = config[$"{prefix}:ResetPasswordPolicyId"],
EditProfilePolicyId = config[$"{prefix}:EditProfilePolicyId"],
RedirectUri = config[$"{prefix}:RedirectUri"],
ClientSecret = config[$"{prefix}:ClientSecret"],
ApiUrl = config[$"{prefix}:ApiUrl"],
ApiScopes = config[$"{prefix}:ApiScopes"]
};
return(options);
});
builder.Services.AddSingleton <ITokenValidationOptions>((provider) =>
{
var config = provider.GetService <IConfiguration>();
var prefix = "Adb2c";
var options = new TokenValidationOptions
{
ClientId = config[$"{prefix}:ClientId"],
Issuer = config[$"{prefix}:Issuer"],
RsaModulus = config[$"{prefix}:RsaModulus"],
RsaExponent = config[$"{prefix}:RsaExponent"]
};
return(options);
});
}
public CSharpAuthenticateService(IHttpClientFactory clientFactory, TokenValidationOptions options) : base(clientFactory, options)
{
}
/// <summary>
/// Ensure that the serialized token validates correctly.
/// </summary>
/// <param name="serializedToken"></param>
public async Task ValidateSerializedToken(string serializedToken, object expectedBody, TokenValidationOptions tokenOptions = default)
{
var parsedToken = new TestAttestationToken(serializedToken);
Assert.IsTrue(await parsedToken.ValidateTokenAsync(tokenOptions ?? new TokenValidationOptions(validateExpirationTime: true), null));
// The body of the token should match the expected body.
Assert.AreEqual(JsonSerializer.Serialize(expectedBody), parsedToken.TokenBody);
}
public AccountController(IUserService userService, IOptions <TokenValidationOptions> tokenValidationOptions)
{
_userService = userService;
_tokenValidationOptions = tokenValidationOptions.Value;
}
