private void ConfigureAuth(IApplicationBuilder app, IMainDataProvider mainDataProvider) { //var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(Configuration.GetValue<string>("SecretKey"))); var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(secretKey)); app.UseSimpleTokenProvider(new TokenProviderOptions { Path = "/api/token", Audience = validAudience, Issuer = validIssuer, SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256), IdentityResolver = mainDataProvider.ResolveIdentity }); var tokenValidationParameters = new TokenValidationParameters { // The signing key must match! ValidateIssuerSigningKey = true, IssuerSigningKey = signingKey, // Validate the JWT Issuer (iss) claim ValidateIssuer = true, ValidIssuer = validIssuer, // Validate the JWT Audience (aud) claim ValidateAudience = true, ValidAudience = validAudience, // Validate the token expiry ValidateLifetime = true, // If you want to allow a certain amount of clock drift, set that here: ClockSkew = TimeSpan.Zero }; app.UseJwtBearerAuthentication(new JwtBearerOptions { AutomaticAuthenticate = true, AutomaticChallenge = true, TokenValidationParameters = tokenValidationParameters, Events = new JwtBearerEvents { OnAuthenticationFailed = context => { Debug.WriteLine("MSG:{0}", context.Exception.Message); return(Task.FromResult(0)); } } }); app.UseCookieAuthentication(new CookieAuthenticationOptions { AutomaticAuthenticate = true, AutomaticChallenge = true, AuthenticationScheme = "Cookie", CookieName = "access_token", TicketDataFormat = new CustomJwtDataFormat( SecurityAlgorithms.HmacSha256, tokenValidationParameters) }); }
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, Context context, IMainDataProvider mainDataProvider) { loggerFactory.AddConsole(Configuration.GetSection("Logging")); loggerFactory.AddDebug(); app.UseApplicationInsightsRequestTelemetry(); app.UseApplicationInsightsExceptionTelemetry(); ConfigureAuth(app, mainDataProvider); app.UseMvc(); DbInitializer.Initialize(context); }
public MeController(IMainDataProvider dataProvider) { DataProvider = dataProvider; }