// This method is specific to single-tenant applications.
        // Makes JWT bearer the default authentication scheme and configures token
        // validation from the "AzureAd" configuration section.
        //
        // services:      collection the authentication services are added to.
        // configuration: source of the "AzureAd" section and of the audience/issuer lists.
        private static void RegisterAuthenticationServices(
            IServiceCollection services,
            IConfiguration configuration)
        {
            // Runs before anything is registered; what it checks is defined elsewhere.
            AuthenticationServiceCollectionExtensions.ValidateAuthenticationConfigurationSettings(configuration);

            var authenticationBuilder = services.AddAuthentication(
                authOptions => { authOptions.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; });

            authenticationBuilder.AddJwtBearer(bearerOptions =>
            {
                var aadSettings = new AzureADOptions();
                configuration.Bind("AzureAd", aadSettings);

                // The tenant id is baked into the authority, which is what ties this
                // registration to a single tenant's v2.0 endpoint.
                // NOTE(review): no separator is inserted between Instance and TenantId;
                // presumably Instance ends with '/' - confirm against the configuration.
                bearerOptions.Authority = $"{aadSettings.Instance}{aadSettings.TenantId}/v2.0";

                var validation = new TokenValidationParameters();
                validation.ValidAudiences = AuthenticationServiceCollectionExtensions.GetValidAudiences(configuration);
                validation.ValidIssuers = AuthenticationServiceCollectionExtensions.GetValidIssuers(configuration);

                // NOTE(review): in Microsoft.IdentityModel a custom AudienceValidator delegate
                // is called instead of the built-in audience check, so ValidAudiences only
                // takes effect if this delegate (defined elsewhere) consults it - confirm.
                validation.AudienceValidator = AuthenticationServiceCollectionExtensions.AudienceValidator;

                bearerOptions.TokenValidationParameters = validation;
            });
        }
        // This method is specific to single-tenant applications.
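        // Registers two authentication schemes:
        //   * JWT bearer (the default scheme), validated against the Azure AD tenant
        //     described by the "AzureAd" configuration section;
        //   * IdentityServer authentication under PolicyNames.AtWorkRioIdentity,
        //     configured from the "AtWorkRioIdentity" configuration section.
        // It also registers the bound AtWorkRioIdentityOptions and a DiscoveryCache
        // for that authority.
        //
        // services:      collection the services and schemes are added to.
        // configuration: source of the "AzureAd" and "AtWorkRioIdentity" sections and of
        //                the audience/issuer lists.
        private static void RegisterAuthenticationServices(
            IServiceCollection services,
            IConfiguration configuration)
        {
            // Runs before anything is registered; what it checks is defined elsewhere.
            AuthenticationServiceCollectionExtensions.ValidateAuthenticationConfigurationSettings(configuration);

            // NOTE(review): Get<T>() yields null when the section is absent; whether the
            // validation call above covers "AtWorkRioIdentity" is not visible here.
            var atWorkRioIdentityOptions = configuration.GetSection("AtWorkRioIdentity").Get<AtWorkRioIdentityOptions>();

            // The factory returns the captured instance, so every resolution gets the same object.
            services.AddTransient<AtWorkRioIdentityOptions>(svc => atWorkRioIdentityOptions);
            services.AddSingleton((serviceProvider) =>
            {
                var options = serviceProvider.GetService<AtWorkRioIdentityOptions>();
                return new DiscoveryCache(options.Authority);
            });

            services
                .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
                .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options =>
                {
                    var azureADOptions = new AzureADOptions();
                    configuration.Bind("AzureAd", azureADOptions);

                    // The tenant id is baked into the authority, which is what ties this
                    // scheme to a single tenant's v2.0 endpoint.
                    options.Authority = $"{azureADOptions.Instance}{azureADOptions.TenantId}/v2.0";
                    options.TokenValidationParameters = new TokenValidationParameters
                    {
                        ValidAudiences = AuthenticationServiceCollectionExtensions.GetValidAudiences(configuration),
                        ValidIssuers = AuthenticationServiceCollectionExtensions.GetValidIssuers(configuration),

                        // NOTE(review): a custom AudienceValidator delegate is called instead of
                        // the built-in audience check, so ValidAudiences only takes effect if
                        // this delegate (defined elsewhere) consults it - confirm.
                        AudienceValidator = AuthenticationServiceCollectionExtensions.AudienceValidator,
                    };
                })
                .AddIdentityServerAuthentication(PolicyNames.AtWorkRioIdentity, options =>
                {
                    var identityAuthority = atWorkRioIdentityOptions.Authority;

                    options.Authority = identityAuthority;
                    options.ApiName = atWorkRioIdentityOptions.ApiName;

                    // ApiSecret comes straight from configuration; it is a credential and
                    // should be supplied from a secret store, not a checked-in settings file.
                    options.ApiSecret = atWorkRioIdentityOptions.ApiSecret;

                    // Previously hard-coded to false, which lets discovery metadata and signing
                    // keys be fetched over plain HTTP even for an HTTPS authority. The HTTPS
                    // requirement is now relaxed only when the configured authority itself is an
                    // explicit http:// URL (e.g. a local development instance); a tampered
                    // metadata response would let a network attacker substitute signing keys.
                    var authorityIsPlainHttp = identityAuthority != null
                        && identityAuthority.StartsWith("http://", System.StringComparison.OrdinalIgnoreCase);
                    options.RequireHttpsMetadata = !authorityIsPlainHttp;
                });
        }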