Exemple #1
        // Issues a signed JWT for the given user and returns it together with its expiry time.
        //
        // The claims come from GetIdentity(user); issuer, audience, lifetime (in minutes) and the
        // HMAC-SHA256 signing key all come from TokenApp. The result is an anonymous object whose
        // members are named encodedJwt and expiredDate.
        //
        // NOTE(review): the key behind TokenApp.GetSymmetricSecurityKey() is not visible here.
        // Confirm it is loaded from protected configuration rather than a source-code constant and
        // is long enough for HMAC-SHA256; whoever holds it can mint tokens this API will accept.
        private object GenerateToken(UserDto user)
        {
            var claimsIdentity = GetIdentity(user);

            // A single UTC timestamp feeds both notBefore and expires, so the validity window is
            // exactly TokenApp.LIFETIME minutes.
            var issuedAt    = DateTime.UtcNow;
            var expiredDate = issuedAt + TimeSpan.FromMinutes(TokenApp.LIFETIME);

            var hmacCredentials = new SigningCredentials(
                TokenApp.GetSymmetricSecurityKey(),
                SecurityAlgorithms.HmacSha256);

            var token = new JwtSecurityToken(
                issuer: TokenApp.ISSUER,
                audience: TokenApp.AUDIENCE,
                notBefore: issuedAt,
                claims: claimsIdentity.Claims,
                expires: expiredDate,
                signingCredentials: hmacCredentials);

            var tokenHandler = new JwtSecurityTokenHandler();
            var serialized   = tokenHandler.WriteToken(token);

            // Member names are spelled out because they are part of the returned object's shape.
            return new
            {
                encodedJwt = serialized,
                expiredDate
            };
        }
        // This method gets called by the runtime. Use this method to add services to the container.
        // Registers controllers, Swagger generation, the HTTP context accessor, the application's
        // own services (via Services.ServiceConfiguration.Configure) and JWT bearer
        // authentication/authorization.
        //
        // NOTE(review): the "Bearer" policy registered below only protects endpoints that reference
        // it. No default or fallback policy is set in this method, so endpoints without an
        // authorization attribute stay anonymous unless that is configured elsewhere -- confirm.
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddControllers();

            services.AddSwaggerGen(swagger =>
            {
                var apiInfo = new OpenApiInfo
                {
                    Version     = "v1",
                    Title       = "Todo API",
                    Description = "ASP.NET Core Web API",
                };
                swagger.SwaggerDoc("v1", apiInfo);

                // Declared as an API-key style header, so the caller types the whole
                // "Bearer {token}" value into the Swagger UI. No security requirement is added in
                // this lambda; whether operations actually reference the scheme is not visible here.
                var bearerHeader = new OpenApiSecurityScheme
                {
                    Description = "JWT Authorization header using the Bearer scheme. Example: \"Authorization: Bearer {token}\"",
                    Name        = "Authorization",
                    In          = ParameterLocation.Header,
                    Type        = SecuritySchemeType.ApiKey
                };
                swagger.AddSecurityDefinition("Bearer", bearerHeader);
            });

            services.AddHttpContextAccessor();

            // Application-specific registrations; what they add is defined outside this method.
            Services.ServiceConfiguration.Configure(services, Configuration);

            services.AddAuthorization(authorization =>
            {
                // Policy "Bearer": the caller must be authenticated through the JWT bearer scheme.
                var bearerPolicy = new AuthorizationPolicyBuilder()
                    .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
                    .RequireAuthenticatedUser()
                    .Build();

                authorization.AddPolicy("Bearer", bearerPolicy);
            });

            services.AddAuthentication(authentication =>
            {
                authentication.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                // The challenge scheme is deliberately left unset in this call:
                //authentication.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            });

            // Second AddAuthentication call: supplies the default scheme name and attaches the JWT handler.
            var authenticationBuilder = services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme);
            authenticationBuilder.AddJwtBearer(jwtOptions =>
            {
                // NOTE(review): HTTPS is not required for metadata retrieval. No authority or
                // metadata address is configured in this block, so the flag may have no effect
                // here, but confirm that plain HTTP is limited to development and that tokens are
                // only ever sent over TLS in production.
                jwtOptions.RequireHttpsMetadata = false;

                // Issuer, audience, lifetime and signature are all checked against TokenApp values.
                // ClockSkew is not set, so the library's default tolerance (five minutes in
                // Microsoft.IdentityModel) applies to the lifetime check.
                var validation = new TokenValidationParameters
                {
                    ValidateIssuer = true,
                    ValidIssuer    = TokenApp.ISSUER,

                    ValidateAudience = true,
                    ValidAudience    = TokenApp.AUDIENCE,

                    ValidateLifetime = true,

                    IssuerSigningKey         = TokenApp.GetSymmetricSecurityKey(),
                    ValidateIssuerSigningKey = true,
                };
                jwtOptions.TokenValidationParameters = validation;
            });
        }