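/*
 * Usage:
 * 1) In Startup.ConfigureServices, invoke before services.AddMvc():
 *        services.AddJwtBearerAuthentication();
 *
 * 2) In Startup.Configure, invoke app.UseAuthentication() before app.UseMvc():
 *        app.UseAuthentication();
 */
/// <summary>
/// Registers JWT bearer authentication as the default authentication scheme and
/// adds the subdomain authorization policy.
/// </summary>
/// <remarks>
/// Incoming tokens are validated for issuer, audience, lifetime and signature
/// against the values exposed by <c>AuthJwtTokenManager</c>.
/// The subdomain policy is registered under
/// <c>AuthJwtTokenManager.ValidSubdomainPolicy</c>. It is a named policy, not the
/// default one, so it is enforced only on endpoints that request it by name.
/// </remarks>
/// <param name="services">The service collection to configure.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="services"/> is <c>null</c>.
/// </exception>
public static void AddJwtBearerAuthentication(this IServiceCollection services)
{
    // Fail with a clear argument error instead of a NullReferenceException
    // from inside the registration chain.
    if (services == null)
    {
        throw new ArgumentNullException(nameof(services));
    }

    services
        .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(bearerOptions =>
        {
            // All four checks are switched on explicitly so the configuration does
            // not depend on library defaults.
            // NOTE(review): the accepted signing algorithms are not restricted here.
            // If the library version in use offers TokenValidationParameters.ValidAlgorithms,
            // consider pinning it to the algorithm GetSigningCredentials() signs with.
            bearerOptions.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuer = true,
                ValidIssuer = AuthJwtTokenManager.Issuer,
                ValidateAudience = true,
                ValidAudience = AuthJwtTokenManager.Audience,
                ValidateLifetime = true,
                IssuerSigningKey = AuthJwtTokenManager.GetSecurityKey(),
                ValidateIssuerSigningKey = true
            };
        });

    // The handler is a singleton, so it is shared by all requests.
    // NOTE(review): presumably ValidSubdomainHandler keeps no per-request state - confirm.
    services.AddSingleton<IAuthorizationHandler, ValidSubdomainHandler>();

    services.AddAuthorization(authorizationOptions =>
    {
        authorizationOptions.AddPolicy(
            AuthJwtTokenManager.ValidSubdomainPolicy,
            policy => policy
                // The token must carry the subdomain claim at all...
                .RequireClaim(AuthJwtTokenManager.ClaimSubdomainKey)
                // ...and the claim must satisfy ValidSubdomainRequirement, which
                // ValidSubdomainHandler evaluates (its logic is not shown here).
                .AddRequirements(new ValidSubdomainRequirement(AuthJwtTokenManager.ClaimSubdomainKey)));
    });
}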
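/// <summary>
/// Builds a signed JWT from the claims of an identity and returns it in its
/// serialized form.
/// </summary>
/// <remarks>
/// Every claim on the identity is copied into the token. Only signing credentials
/// are supplied, so the token is signed but not encrypted: whoever holds it can
/// read all of its claims. Keep secrets and unnecessary personal data out of the
/// identity passed in.
/// The token is valid from the moment of issue for
/// <c>AuthJwtTokenManager.ExpireDays</c> days.
/// NOTE(review): no revocation mechanism is visible here, so a leaked token
/// presumably stays usable until it expires - confirm that the configured
/// lifetime is acceptable for a bearer token.
/// </remarks>
/// <param name="idenitity">
/// The identity whose claims are written into the token. The misspelled
/// parameter name is kept so callers using named arguments keep compiling.
/// </param>
/// <returns>The serialized, signed token.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="idenitity"/> is <c>null</c>.
/// </exception>
public static string GetJwtToken(this ClaimsIdentity idenitity)
{
    // Fail with a clear argument error instead of a NullReferenceException
    // when the claims are read.
    if (idenitity == null)
    {
        throw new ArgumentNullException(nameof(idenitity));
    }

    var signingCredentials = AuthJwtTokenManager.GetSigningCredentials();

    // Read the clock once so notBefore and expires are derived from the same
    // instant rather than from two separate readings.
    var issuedAt = DateTime.UtcNow;

    var token = new JwtSecurityToken(
        issuer: AuthJwtTokenManager.Issuer,
        audience: AuthJwtTokenManager.Audience,
        claims: idenitity.Claims,
        notBefore: issuedAt,
        expires: issuedAt.AddDays(AuthJwtTokenManager.ExpireDays),
        signingCredentials: signingCredentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}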