Example #1
0
        private void ConfigureAuth(IApplicationBuilder app, IMainDataProvider mainDataProvider)
        {
            //var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(Configuration.GetValue<string>("SecretKey")));
            var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(secretKey));

            app.UseSimpleTokenProvider(new TokenProviderOptions
            {
                Path               = "/api/token",
                Audience           = validAudience,
                Issuer             = validIssuer,
                SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256),
                IdentityResolver   = mainDataProvider.ResolveIdentity
            });

            var tokenValidationParameters = new TokenValidationParameters
            {
                // The signing key must match!
                ValidateIssuerSigningKey = true,
                IssuerSigningKey         = signingKey,

                // Validate the JWT Issuer (iss) claim
                ValidateIssuer = true,
                ValidIssuer    = validIssuer,

                // Validate the JWT Audience (aud) claim
                ValidateAudience = true,
                ValidAudience    = validAudience,

                // Validate the token expiry
                ValidateLifetime = true,

                // If you want to allow a certain amount of clock drift, set that here:
                ClockSkew = TimeSpan.Zero
            };

            app.UseJwtBearerAuthentication(new JwtBearerOptions
            {
                AutomaticAuthenticate     = true,
                AutomaticChallenge        = true,
                TokenValidationParameters = tokenValidationParameters,
                Events = new JwtBearerEvents {
                    OnAuthenticationFailed = context => {
                        Debug.WriteLine("MSG:{0}", context.Exception.Message);
                        return(Task.FromResult(0));
                    }
                }
            });

            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AutomaticAuthenticate = true,
                AutomaticChallenge    = true,
                AuthenticationScheme  = "Cookie",
                CookieName            = "access_token",
                TicketDataFormat      = new CustomJwtDataFormat(
                    SecurityAlgorithms.HmacSha256,
                    tokenValidationParameters)
            });
        }
Example #2
0
        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline
        public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, Context context, IMainDataProvider mainDataProvider)
        {
            loggerFactory.AddConsole(Configuration.GetSection("Logging"));
            loggerFactory.AddDebug();

            app.UseApplicationInsightsRequestTelemetry();
            app.UseApplicationInsightsExceptionTelemetry();

            ConfigureAuth(app, mainDataProvider);

            app.UseMvc();

            DbInitializer.Initialize(context);
        }
 public MeController(IMainDataProvider dataProvider)
 {
     DataProvider = dataProvider;
 }