// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { ConfigureMisc(services); ConfigureCors(services); ConfigureOData(services); ApiSecurityOptions apiSecurityOptions = ReadApiSecurityOptions(); ConfigureSwagger(services, apiSecurityOptions); ConfigureAuth(services, apiSecurityOptions); }
private static void ConfigureAuth( IServiceCollection services, ApiSecurityOptions apiSecurityOptions) { // https://identityserver4.readthedocs.io/en/latest/topics/apis.html services .AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => { // base-address of your identityserver options.Authority = apiSecurityOptions.Authority; // if you are using API resources, you can specify the name here options.Audience = apiSecurityOptions.Audience; }); }
private static OpenApiSecurityRequirement ConfigureSecurityRequirement(ApiSecurityOptions options) { if (_requirement == null) { _requirement = new OpenApiSecurityRequirement { { _scheme, new[] { options.Audience } } }; } return(_requirement); }
private static void ConfigureSwagger( IServiceCollection services, ApiSecurityOptions apiSecurityOptions) { services.AddTransient <IConfigureOptions <SwaggerGenOptions>, ConfigureSwaggerOptions>(); services.AddSwaggerGen( options => { // add a custom operation filter which sets default values options.OperationFilter <SwaggerDefaultValues>(); options.OperationFilter <AuthorizeCheckOperationFilter>(); // integrate xml comments options.IncludeXmlComments(XmlCommentsFilePath); options.AddSecurityDefinition( ApiInfo.SchemeOauth2, ConfigureSecurityDefinitionScheme(apiSecurityOptions)); }); }
private static OpenApiSecurityScheme ConfigureSecurityDefinitionScheme( ApiSecurityOptions apiSecurityOptions) { OpenApiOAuthFlow authCodeFlow = new OpenApiOAuthFlow { AuthorizationUrl = new Uri($"{apiSecurityOptions.Authority}/connect/authorize"), TokenUrl = new Uri($"{apiSecurityOptions.Authority}/connect/token"), Scopes = new Dictionary <string, string> { { apiSecurityOptions.Audience, "Api access" } } }; return(new OpenApiSecurityScheme { Type = SecuritySchemeType.OAuth2, Flows = new OpenApiOAuthFlows { AuthorizationCode = authCodeFlow } }); }