Esempio n. 1
0
        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddControllers();

            services.AddHttpContextAccessor();

            services.AddSwaggerGen(c =>
            {
                c.SwaggerDoc("v1", new OpenApiInfo
                {
                    Version     = "v1",
                    Title       = "API",
                    Description = "ASP.NET Core Web API",
                });

                c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
                {
                    Description = "JWT Authorization header using the Bearer scheme. Example: \"Authorization: Bearer {token}\"",
                    Name        = "Authorization",
                    In          = ParameterLocation.Header,
                    Type        = SecuritySchemeType.ApiKey
                });
            });

            Services.ServiceConfiguration.Configure(services, Configuration);

            services.AddAuthorization(auth =>
            {
                auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
                               .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
                               .RequireAuthenticatedUser()
                               .Build());
            });

            services.AddAuthentication(x =>
            {
                x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            });

            services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                options.RequireHttpsMetadata      = false;
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuer = true,
                    ValidIssuer    = TokenModel.ISSUER,

                    ValidateAudience = true,
                    ValidAudience    = TokenModel.AUDIENCE,

                    ValidateLifetime = true,

                    IssuerSigningKey         = TokenModel.GetSymmetricSecurityKey(),
                    ValidateIssuerSigningKey = true
                };
            });
        }
Esempio n. 2
0
        private object GenerateToken(UserDto user)
        {
            var identity    = GetIdentity(user);
            var now         = DateTime.UtcNow;
            var expiredDate = now.Add(TimeSpan.FromMinutes(TokenModel.LIFETIME));

            var jwt = new JwtSecurityToken(
                issuer: TokenModel.ISSUER,
                audience: TokenModel.AUDIENCE,
                notBefore: now,
                claims: identity.Claims,
                expires: expiredDate,
                signingCredentials: new SigningCredentials(TokenModel.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256));
            var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);

            var response = new
            {
                encodedJwt,
                expiredDate
            };

            return(response);
        }