コード例 #1
0
        public static AuthenticationBuilder AddHelseIdJwtBearer(this AuthenticationBuilder authenticationBuilder,
                                                                IHelseIdApiKonfigurasjon configAuth)
        {
            var builder = authenticationBuilder.AddJwtBearer(
                options =>
            {
                options.Authority                  = configAuth.Authority;
                options.Audience                   = configAuth.ApiName;
                options.RequireHttpsMetadata       = true;
                options.SaveToken                  = true;
                options.RefreshOnIssuerKeyNotFound = true;

                options.TokenValidationParameters = new TokenValidationParameters
                {
                    RequireSignedTokens      = true,
                    RequireAudience          = true,
                    RequireExpirationTime    = true,
                    ValidateIssuer           = true,
                    ValidateIssuerSigningKey = true,
                    ValidateAudience         = true,
                    ValidateLifetime         = true,
                };
            }
                );

            return(builder);
        }
コード例 #2
0
        public static void AddHelseIdAuthorization(this IServiceCollection services, IHelseIdApiKonfigurasjon configAuth)
        {
            services.AddAuthorization(
                config =>
            {
                var authenticatedHidUserPolicy = new AuthorizationPolicyBuilder()
                                                 .RequireAuthenticatedUser()
                                                 .Build();
                var apiAccessPolicy = new AuthorizationPolicyBuilder()
                                      .Combine(authenticatedHidUserPolicy)
                                      .RequireScope(configAuth.ApiScope)
                                      .Build();

                config.DefaultPolicy = apiAccessPolicy;

                config.AddPolicy(Policies.HidAuthenticated, authenticatedHidUserPolicy);
                config.AddPolicy(Policies.ApiAccess, apiAccessPolicy);
            }
                );
        }
コード例 #3
0
        public static void ConfigureHelseIdApiAuthentication(this IServiceCollection services,
                                                             IHelseIdApiKonfigurasjon config, IConfigurationSection configAuthSection)
        {
            services.AddHttpContextAccessor();
            services.AddSingleton <IAutentiseringkonfigurasjon>(config);

            if (config.AuthUse)
            {
                services.AddOptions <HelseIdOptions>()
                .Bind(configAuthSection)
                .ValidateDataAnnotations();


                services.AddScoped <ICurrentUser, CurrentHttpUser>();
                services.AddScoped <IAccessTokenProvider, HttpContextAccessTokenProvider>();

                services
                .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
                .AddHelseIdJwtBearer(config);
                services.AddHelseIdAuthorization(config);
            }
        }