public static IServiceCollection AddTokenAuthentication <TKey, TUser>(this IServiceCollection services, TokenAuthenticationOptions options) where TUser : class { options = options ?? new TokenAuthenticationOptions(); services.AddSingleton(options); services.AddSingleton <IHttpContextAccessor, HttpContextAccessor>(); services.AddSingleton <ITokenStore <TKey, TUser>, TokenStore <TKey, TUser> >(); services.AddSingleton <TokenGenerator <TKey, TUser> >(); if (options.AutoLoadClaims) { services.AddScoped <IClaimsTransformation, ClaimsTransformer <TKey, TUser> >(); } services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(x => { x.Events = new JwtBearerEvents { OnAuthenticationFailed = ctx => options.UnAuthenticatedFunc != null ? options.UnAuthenticatedFunc.Invoke(ctx.Request.Path) : FailedResult, OnChallenge = ctx => options.UnAuthenticatedFunc != null ? options.UnAuthenticatedFunc.Invoke(ctx.Request.Path) : FailedResult }; x.TokenValidationParameters = new TokenValidationParameters { // The signing key must match! ValidateIssuerSigningKey = true, IssuerSigningKey = options.SecurityKey, // Validate the JWT Issuer (iss) claim ValidateIssuer = true, ValidIssuer = options.Issuer, // Validate the JWT Audience (aud) claim ValidateAudience = true, ValidAudience = options.Audience, // Validate the token expiry ValidateLifetime = true, // If you want to allow a certain amount of clock drift, set that here: ClockSkew = TimeSpan.Zero }; }); return(services); }
public TokenGenerator(ITokenStore <TKey, TUser> tokenStore, TokenAuthenticationOptions tokenAuthenticationOptions) { _tokenStore = tokenStore; _tokenAuthenticationOptions = tokenAuthenticationOptions; }