private static void SetJwtConfig(IConfiguration configuration) { AuthJwtOptions.SetAuthOptions( issuer: configuration["Tokens:Issuer"], audience: configuration["Tokens:Audience"], key: configuration["Tokens:Key"], lifetime: Convert.ToInt32(configuration["Tokens:Lifetime"])); }
public TestFixture() { ServiceCollectionExtensions.UseStaticRegistration = false; var webHostBuilder = new WebHostBuilder().UseStartup <TStartup>(); _testServer = new TestServer(webHostBuilder); HttpClient = _testServer.CreateClient(); HttpClient.BaseAddress = new Uri("http://localhost:53036"); var databaseInitializer = GetService <IDatabaseInitializer>(); databaseInitializer.SeedAsync().Wait(); AuthJwtOptions.SetAuthOptions( issuer: "test iusser", audience: "audience", key: "very_long_very_secret_secret", lifetime: 1); }
/// <summary> /// Extension method used to add the custom authentication. /// </summary> /// <param name="services">The service collection.</param> /// <param name="environment">The hosting environment.</param> /// <param name="configuration">The configuration.</param> public static void AddCustomAuthentication(this IServiceCollection services, IHostingEnvironment environment, IConfiguration configuration) { Ensure.ArgumentNotNull(services, nameof(services)); Ensure.ArgumentNotNull(environment, nameof(environment)); Ensure.ArgumentNotNull(configuration, nameof(configuration)); var jwtOptions = new AuthJwtOptions(); configuration.GetSection("ApiOptions:AuthOptions:JwtOptions").Bind(jwtOptions); string exceptionMessage = "ApiOptions:AuthOptions:JwtOptions:{0} is missing."; if (string.IsNullOrWhiteSpace(jwtOptions.SecretKey)) { throw new UnexpectedNullException(string.Format(exceptionMessage, nameof(jwtOptions.SecretKey))); } if (string.IsNullOrWhiteSpace(jwtOptions.Issuer)) { throw new UnexpectedNullException(string.Format(exceptionMessage, nameof(jwtOptions.Issuer))); } if (string.IsNullOrWhiteSpace(jwtOptions.Audience)) { throw new UnexpectedNullException(string.Format(exceptionMessage, nameof(jwtOptions.Audience))); } if (string.IsNullOrWhiteSpace(jwtOptions.NameClaimType)) { throw new UnexpectedNullException(string.Format(exceptionMessage, nameof(jwtOptions.NameClaimType))); } if (string.IsNullOrWhiteSpace(jwtOptions.RoleClaimType)) { throw new UnexpectedNullException(string.Format(exceptionMessage, nameof(jwtOptions.RoleClaimType))); } if (environment.IsDevelopment()) { IdentityModelEventSource.ShowPII = true; } // Avoid System.ArgumentOutOfRangeException: IDX10603: Decryption failed. Keys tried: 'HS256'. if (jwtOptions.SecretKey.Length < 16) { throw new AmiException("JWT secret key must consist of minimum 16 characters."); } services.AddAuthentication(o => { o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; o.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; o.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }).AddCookie(o => { o.LoginPath = "/account/login"; o.LogoutPath = "/account/logout"; o.AccessDeniedPath = "/account/login"; }).AddJwtBearer(o => { o.RequireHttpsMetadata = false; o.Audience = jwtOptions.Audience; o.TokenValidationParameters = new TokenValidationParameters { ValidateIssuerSigningKey = true, IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(jwtOptions.SecretKey)), ValidateIssuer = true, ValidIssuer = jwtOptions.Issuer, ValidateAudience = true, ValidAudience = jwtOptions.Audience, ValidateActor = true, ValidateLifetime = true, NameClaimType = jwtOptions.NameClaimType, RoleClaimType = jwtOptions.RoleClaimType }; o.Events = new JwtBearerEvents() { OnMessageReceived = (context) => { // pull the bearer token out of the QueryString for WebSocket connections if (context.Request.Query.TryGetValue("authtoken", out StringValues token)) { context.Token = token; } return(Task.CompletedTask); }, OnAuthenticationFailed = c => { if (c.Exception is AuthException) { return(Task.CompletedTask); } else { throw new AuthException(c.Exception.Message); } } }; }); }