Example #1
0
        public AccountRules(UserManager <User> userManager, SignInManager <User> signInManager,
                            IOptions <JwtOptions> jwtOptions, ILoggerFactory loggerFactory, JwtTokenCache tokenCache)
        {
            _userManager   = userManager;
            _signInManager = signInManager;
            _tokenCache    = tokenCache;
            _jwtOptions    = jwtOptions.Value;
            _logger        = loggerFactory.CreateLogger <AccountRules> ();

            ThrowIfInvalidOptions(_jwtOptions);
        }
Example #2
0
        private void ConfigIdentity(IServiceCollection services, IHostingEnvironment hostingEnv)
        {
            var jwtOptions = new JwtOptions();

            Configuration.GetSection(nameof(JwtOptions)).Bind(jwtOptions);

            SymmetricSecurityKey signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(jwtOptions.SecretKey));

            // ConfigureMaps JwtIssuerOptions
            services.Configure <JwtOptions> (options =>
            {
                options.Issuer             = jwtOptions.Issuer;
                options.Audience           = jwtOptions.Audience;
                options.InstanceClaimName  = jwtOptions.InstanceClaimName;
                options.SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);
            });

            var tokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuer = true,
                ValidIssuer    = jwtOptions.Issuer,

                ValidateAudience = true,
                ValidAudience    = jwtOptions.Audience,

                ValidateIssuerSigningKey = true,
                IssuerSigningKey         = signingKey,

                RequireExpirationTime = true,
                ValidateLifetime      = true,

                ClockSkew = TimeSpan.Zero
            };

            var tokenCache = new JwtTokenCache();

            services.AddSingleton(tokenCache);

            services.AddAuthentication(options =>
            {
                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme    = JwtBearerDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(options =>
            {
                options.TokenValidationParameters = tokenValidationParameters;
                options.Events = new JwtBearerEvents()
                {
                    OnAuthenticationFailed = OnRedirectToLogin
                };
            });

            var identityOptions = new CustomIdentityOptions();

            Configuration.GetSection(nameof(CustomIdentityOptions)).Bind(identityOptions);

            IdentityBuilder builder = services.AddIdentityCore <User> (options =>
            {
                options.User.RequireUniqueEmail         = identityOptions.UserRequireUniqueEmail;
                options.Password.RequiredLength         = identityOptions.PasswordRequiredLength;
                options.Password.RequireDigit           = identityOptions.PasswordRequireDigit;
                options.Password.RequireLowercase       = identityOptions.PasswordRequireLowercase;
                options.Password.RequireNonAlphanumeric = identityOptions.PasswordRequireNonAlphanumeric;
                options.Password.RequireUppercase       = identityOptions.PasswordRequireUppercase;
                options.Lockout.MaxFailedAccessAttempts = identityOptions.LockoutMaxFailedAccessAttempts;
            });

            builder = new IdentityBuilder(builder.UserType, typeof(IdentityRole), builder.Services)
                      .AddEntityFrameworkStores <AdminContext> ()
                      .AddDefaultTokenProviders();

            builder.AddRoleValidator <RoleValidator <IdentityRole> > ();
            builder.AddRoleManager <RoleManager <IdentityRole> > ();
            builder.AddSignInManager <SignInManager <User> > ();
            builder.AddUserValidator <UserValidator <User> > ();
        }