Beispiel #1
0
        /// <summary>
        /// Extension method to register the authentication services.
        /// </summary>
        /// <param name="services">IServiceCollection instance.</param>
        /// <param name="configuration">IConfiguration instance.</param>
        public static void AddLearnNowAuthentication(this IServiceCollection services, IConfiguration configuration)
        {
            configuration = configuration ?? throw new ArgumentNullException(nameof(configuration));

            // This works specifically for single tenant application.
            AuthenticationServiceCollectionExtensions.ValidateAuthenticationConfigurationSettings(configuration);

            services.AddAuthentication(options => { options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; })
            .AddJwtBearer(options =>
            {
                var botOptions     = new BotSettings();
                var azureADOptions = new AzureADOptions();

                configuration.Bind("Bot", botOptions);
                configuration.Bind("AzureAd", azureADOptions);

                options.Authority = $"{azureADOptions.Instance}/{botOptions.TenantId}/v2.0";
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidAudiences    = AuthenticationServiceCollectionExtensions.GetValidAudiences(configuration),
                    ValidIssuers      = AuthenticationServiceCollectionExtensions.GetValidIssuers(configuration),
                    AudienceValidator = AuthenticationServiceCollectionExtensions.AudienceValidator,
                };
            });

            RegisterAuthorizationPolicy(services);
        }
Beispiel #2
0
        /// <summary>
        /// Gets a collection of valid issuer.
        /// </summary>
        /// <param name="configuration">Represents a set of key/value application configuration properties.</param>
        /// <returns>A collection of valid issuer.</returns>
        private static IEnumerable <string> GetValidIssuers(IConfiguration configuration)
        {
            var tenantId = configuration[AuthenticationServiceCollectionExtensions.TenantIdConfigurationSettingsKey];

            var validIssuers =
                AuthenticationServiceCollectionExtensions.GetSettings(
                    configuration,
                    AuthenticationServiceCollectionExtensions.ValidIssuersConfigurationSettingsKey);

            validIssuers = validIssuers.Select(validIssuer => validIssuer.Replace("TENANT_ID", tenantId, StringComparison.OrdinalIgnoreCase));

            return(validIssuers);
        }