Ejemplo n.º 1
0
        /// <summary>
        /// Extension method to register the authentication services.
        /// </summary>
        /// <param name="services">IServiceCollection instance.</param>
        /// <param name="configuration">IConfiguration instance.</param>
        public static void AddGoodReadsAuthentication(
            this IServiceCollection services,
            IConfiguration configuration)
        {
            configuration = configuration ?? throw new ArgumentNullException(nameof(configuration));

            // This works specifically for single tenant application.
            ValidateAuthenticationConfigurationSettings(configuration);

            services.AddAuthentication(options => { options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; })
            .AddJwtBearer(options =>
            {
                var azureADOptions = new AzureADOptions();
                configuration.Bind("AzureAd", azureADOptions);
                options.Authority = $"{azureADOptions.Instance}{azureADOptions.TenantId}/v2.0";
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidAudiences    = AuthenticationServiceCollectionExtensions.GetValidAudiences(configuration),
                    ValidIssuers      = AuthenticationServiceCollectionExtensions.GetValidIssuers(configuration),
                    AudienceValidator = AuthenticationServiceCollectionExtensions.AudienceValidator,
                };
            });

            RegisterAuthorizationPolicy(services);
        }
Ejemplo n.º 2
0
        /// <summary>
        /// Gets a collection of valid issuer.
        /// </summary>
        /// <param name="configuration">Represents a set of key/value application configuration properties.</param>
        /// <returns>A collection of valid issuer.</returns>
        private static IEnumerable <string> GetValidIssuers(IConfiguration configuration)
        {
            var tenantId = configuration[AuthenticationServiceCollectionExtensions.TenantIdConfigurationSettingsKey];

            var validIssuers =
                AuthenticationServiceCollectionExtensions.GetSettings(
                    configuration,
                    AuthenticationServiceCollectionExtensions.ValidIssuersConfigurationSettingsKey);

            validIssuers = validIssuers.Select(validIssuer => validIssuer.Replace("TENANT_ID", tenantId, StringComparison.OrdinalIgnoreCase));

            return(validIssuers);
        }