Exemple #1
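        /// <summary>
        /// Registers JWT bearer authentication on <paramref name="services"/>, validating
        /// tokens against the RSA public key loaded from the XML file named in
        /// <paramref name="jwtConfiguration"/>.
        /// </summary>
        /// <remarks>
        /// Every validation switch (issuer, audience, lifetime, signing key) is copied
        /// straight from configuration, so a <c>false</c> value silently turns that check
        /// off. Treat the configuration source as security-critical and keep all of them
        /// enabled outside local development.
        /// </remarks>
        /// <param name="services">Service collection that receives the authentication registration.</param>
        /// <param name="jwtConfiguration">Settings for the key location and token validation.</param>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="services"/> or <paramref name="jwtConfiguration"/> is <c>null</c>.
        /// </exception>
        public static void ConfigureJwtService(IServiceCollection services, JwtConfiguration jwtConfiguration)
        {
            if (services == null)
            {
                throw new ArgumentNullException(nameof(services));
            }

            if (jwtConfiguration == null)
            {
                throw new ArgumentNullException(nameof(jwtConfiguration));
            }

            // NOTE(review): the helper is defined elsewhere; presumably it parses an RSA key
            // from the XML file. Anyone who can replace that file controls which tokens are
            // accepted, so the path should be writable by administrators only.
            var publicKey = SecurityKeyHelper.GetRSAKeyFromXml(jwtConfiguration.PublicKeyXmlFilePath);

            // Built eagerly so that a bad configuration value (for example an out-of-range
            // ClockSkew) fails here at startup rather than on the first request.
            var options = new JwtBearerOptions {
                TokenValidationParameters =
                {
                    // NOTE(review): in Microsoft.IdentityModel this flag governs validation of
                    // the signing key itself; it is not the switch for signature checking.
                    // Confirm against the library version in use.
                    ValidateIssuerSigningKey = jwtConfiguration.ValidateIssuerSigningKey,
                    IssuerSigningKey         = publicKey,
                    ValidateIssuer           = jwtConfiguration.ValidateIssuer,
                    ValidIssuer              = jwtConfiguration.Issuer,
                    ValidateAudience         = jwtConfiguration.ValidateAudience,
                    ValidAudience            = jwtConfiguration.Audience,
                    ValidateLifetime         = jwtConfiguration.ValidateLifetime,
                    // ClockSkew extends the window in which an expired token is still
                    // accepted; keep the configured number of seconds small.
                    ClockSkew                = TimeSpan.FromSeconds(jwtConfiguration.ClockSkew)
                },
                // Applies to metadata/authority retrieval only. No authority is set here, so
                // this does not enforce HTTPS on the API endpoints themselves.
                RequireHttpsMetadata = jwtConfiguration.RequireHttpsMetadata
            };

            services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(o => {
                o.TokenValidationParameters = options.TokenValidationParameters;
                o.RequireHttpsMetadata      = options.RequireHttpsMetadata;
                o.Events = new JwtBearerEvents {
                    // Hook for extra checks on context.Principal; currently a no-op.
                    OnTokenValidated = context => Task.CompletedTask,

                    // Currently a no-op, so rejected tokens (including
                    // SecurityTokenExpiredException) leave no trace from this handler.
                    // This is the place to log failures for monitoring; record the
                    // exception type, never the raw token.
                    OnAuthenticationFailed = context => Task.CompletedTask
                };
            });
        }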