public static IServiceCollection AddCustomAuthorization(this IServiceCollection services, JwtConfig jwtConfig)
{
services.AddAuthorization(p =>
{
p.AddPolicy("AdminPolicy", q =>
{
q.RequireAuthenticatedUser();
q.RequireRole("Admin");
});
p.AddPolicy("BasicPolicy", q =>
{
q.RequireAuthenticatedUser();
q.RequireRole("Basic");
});
});
return(services);
}
// TODO : Microsoft.Extensions.Configuration.SecretManager
public static IServiceCollection AddCustomAuthentication(this IServiceCollection services, JwtConfig jwtConfig)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(option =>
{
option.Authority = jwtConfig.Issuer;
option.RequireHttpsMetadata = false;
option.TokenValidationParameters = new TokenValidationParameters
{
ValidAudiences = new[] { jwtConfig.Audience },
// RoleClaimType = "role",
//NameClaimType = "name",
// RoleClaimType = "role"
};
//option.ApiName = "api1";
// option.Audience = "api1";
// option.SaveToken = true;
//option.TokenValidationParameters = new TokenValidationParameters
//{
// ValidateIssuer = true,
// ValidateAudience = true,
// ValidateLifetime = true,
// ValidateIssuerSigningKey = true,
// ValidIssuer = jwtConfig.Issuer,
// ValidAudience = jwtConfig.Issuer,
// IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtConfig.Key))
//};
});
return(services);
}
