Ejemplo n.º 1
0
 private static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
 WebHost.CreateDefaultBuilder(args)
 .UseStartup <Startup>()
 .ConfigureAppConfiguration((hostContext, config) =>
 {
     config
     .AddEnvironmentVariables()
     .AddJsonFile("settings.json", optional: true, reloadOnChange: true);
 })
 .UseContentRoot(Directory.GetCurrentDirectory())
 .UseKestrel(options =>
 {
     options.Limits.MaxConcurrentConnections         = 25;
     options.Limits.MaxConcurrentUpgradedConnections = 25;
     options.Limits.MaxRequestBodySize     = 10 * 1024;
     options.Limits.MinRequestBodyDataRate =
         new MinDataRate(bytesPerSecond: 100, gracePeriod: TimeSpan.FromSeconds(10));
     options.Limits.MinResponseDataRate =
         new MinDataRate(bytesPerSecond: 100, gracePeriod: TimeSpan.FromSeconds(10));
     options.Listen(IPAddress.Any, 443, listenOptions =>
     {
         listenOptions.UseHttps(CertsProviderService.GetCertificatePath(),
                                CertsProviderService.GetCertificatePassphrase());
     });
 });
Ejemplo n.º 2
0
        /// <summary>
        /// Add Jwt bearer through ServiceCollection interface
        /// </summary>
        /// <param name="services">Services collection</param>
        /// <param name="configuration">Configuration</param>
        /// <returns>Services collection</returns>
        public static IServiceCollection AddJwtBearerAuthentication(this IServiceCollection services,
                                                                    IConfiguration configuration)
        {
            var publicKey = new X509Certificate2(
                CertsProviderService.GetCertificatePath(),
                CertsProviderService.GetCertificatePassphrase()).GetRSAPublicKey();

            services
            .AddAuthentication(options =>
            {
                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme    = JwtBearerDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(options =>
            {
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey         = new RsaSecurityKey(publicKey),
                    ValidateIssuer           = true,
                    ValidIssuer      = configuration.GetSection("Jwt:Issuer").Value,
                    ValidateAudience = true,
                    ValidAudience    = configuration.GetSection("Jwt:Audience").Value,
                    ValidateLifetime = true,
                    ClockSkew        = TimeSpan.Zero
                };
            });

            return(services);
        }
        public async Task <bool> Handle(ValidateTokenCommand request, CancellationToken cancellationToken)
        {
            var jwtSecurityTokenHandler = new JwtSecurityTokenHandler();

            var publicKey = new X509Certificate2(
                CertsProviderService.GetCertificatePath(),
                CertsProviderService.GetCertificatePassphrase()).GetRSAPublicKey();

            var principal = jwtSecurityTokenHandler.ValidateToken(
                request.Token,
                new TokenValidationParameters()
            {
                ValidateIssuerSigningKey = true,
                IssuerSigningKey         = new RsaSecurityKey(publicKey),
                ValidateIssuer           = true,
                ValidIssuer      = _configuration.GetSection("Jwt:Issuer").Value,
                ValidateAudience = true,
                ValidAudience    = _configuration.GetSection("Jwt:Audience").Value,
                ValidateLifetime = true,
                ClockSkew        = TimeSpan.Zero
            },
                out _);

            // Implicit validated
            return(true);
        }
Ejemplo n.º 4
0
        public static IApplicationBuilder UseJwtProvider(this IApplicationBuilder builder, IServiceProvider services,
                                                         IConfiguration configuration)
        {
            // Get the private key
            var privateKey = new X509Certificate2(
                CertsProviderService.GetCertificatePath(),
                CertsProviderService.GetCertificatePassphrase()).GetRSAPrivateKey();

            // Use authentication middleware
            builder.UseAuthentication();

            // Setup Token provider
            var tokenProviderOptions = new TokenProviderOptions()
            {
                Issuer             = configuration.GetSection("Jwt:Issuer").Value,
                Audience           = configuration.GetSection("Jwt:Audience").Value,
                SigningCredentials = new SigningCredentials(new RsaSecurityKey(privateKey), SecurityAlgorithms.RsaSha256),
                IdentityResolver   = UserRepository.GetIdentityAsync
            };

            builder.Map(
                new PathString("/api/token"),
                a => a.UseMiddleware <JwtProviderMiddleware>(Options.Create(tokenProviderOptions))
                );

            return(builder.Map(
                       new PathString("/api/tokenrenew"),
                       a => a.UseMiddleware <JwtRenewMiddleware>(Options.Create(tokenProviderOptions))
                       ));
        }