/// <summary>
/// Builds the provider from its injected options and federated services.
/// Each <c>IOptions</c> wrapper is unwrapped once here and the resulting
/// value is stored; the identity and entitlement services are stored as given.
/// </summary>
/// <param name="signingOpts">Wrapper around the JWT signing options.</param>
/// <param name="authOpts">Wrapper around the authentication options.</param>
/// <param name="versionOpts">Wrapper around the version options.</param>
/// <param name="identityService">Federated identity provider.</param>
/// <param name="entitlementService">Federated entitlement provider.</param>
public JwtProvider(
    IOptions<JwtSigningOptions> signingOpts,
    IOptions<AuthenticationOptions> authOpts,
    IOptions<LeafVersionOptions> versionOpts,
    IFederatedIdentityProvider identityService,
    IFederatedEntitlementProvider entitlementService)
{
    // No argument validation is performed: a null options wrapper fails on
    // the .Value dereference, while null services are stored unchanged.
    jwtOptions = signingOpts.Value;
    authenticationOptions = authOpts.Value;
    versionOptions = versionOpts.Value;

    idProvider = identityService;

    // "this." is required here because the parameter shadows the field.
    this.entitlementService = entitlementService;
}
/// <summary>
/// Binds the <c>JwtOptions</c> configuration section and registers JWT bearer
/// authentication, a bearer-only authorization policy, MVC controllers
/// (Newtonsoft JSON), SignalR, the WebSocket manager and the HTTP context accessor.
/// </summary>
/// <param name="services">Service collection that receives the registrations.</param>
/// <param name="configuration">Application configuration; must contain a <c>JwtOptions</c> section.</param>
/// <exception cref="InvalidOperationException">The <c>JwtOptions</c> section does not exist.</exception>
private static void ConfigureJwtOptions(IServiceCollection services, IConfiguration configuration)
{
    var section = configuration.GetSection(nameof(JwtOptions));
    var jwtOptions = new JwtOptions();

    // Fail at startup rather than run with unbound issuer/audience/key settings.
    if (!section.Exists())
    {
        throw new InvalidOperationException($"Missing {nameof(JwtOptions)} Configuration section");
    }

    new ConfigureFromConfigurationOptions<JwtOptions>(section).Configure(jwtOptions);

    // Declared as the interface so the inferred AddSingleton<T> registers the
    // instance under IJwtSigningOptions, not the concrete type.
    IJwtSigningOptions jwtSigningOptions = new JwtSigningOptions(jwtOptions);

    services.AddSingleton<IJwtOptions>(jwtOptions);
    services.AddSingleton(jwtSigningOptions);
    services.AddSingleton<IWebSocketManager, WebSocketManager>();

    string bearerScheme = JwtBearerDefaults.AuthenticationScheme;

    services
        .AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = bearerScheme;
            options.DefaultChallengeScheme = bearerScheme;
        })
        .AddJwtBearer(options =>
        {
            // Issuer and audience are pinned to the configured values. Lifetime and
            // signature checks are not set here and stay at the library defaults.
            // ClockSkew of zero removes the default tolerance, so a token is rejected
            // the moment it expires; issuer and API clocks must be kept in sync.
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidAudience = jwtOptions.Audience,
                ValidIssuer = jwtOptions.Issuer,
                ValidateAudience = true,
                ValidateIssuer = true,
                ClockSkew = TimeSpan.Zero,
                IssuerSigningKey = jwtSigningOptions.SigningCredentials.Key
            };

            options.Events = new JwtBearerEvents
            {
                OnMessageReceived = context =>
                {
                    // A token in the "access_token" query parameter is honoured only
                    // for paths under /ws; every other route must use the header.
                    // NOTE(review): query strings are commonly written to access and
                    // proxy logs, so tokens used on /ws should be short-lived and the
                    // query string should be kept out of request logging for that path.
                    var queryToken = context.Request.Query["access_token"];
                    var requestPath = context.HttpContext.Request.Path;

                    bool useQueryToken = !string.IsNullOrEmpty(queryToken)
                        && requestPath.StartsWithSegments("/ws");
                    if (useQueryToken)
                    {
                        context.Token = queryToken;
                    }

                    return Task.CompletedTask;
                }
            };
        });

    // Named policy: authenticated user, bearer scheme only.
    services.AddAuthorization(auth =>
    {
        auth.AddPolicy(
            bearerScheme,
            new AuthorizationPolicyBuilder()
                .AddAuthenticationSchemes(bearerScheme)
                .RequireAuthenticatedUser()
                .Build());
    });

    services
        .AddControllers(options =>
        {
            // Global filter: every controller action requires an authenticated
            // bearer user unless it explicitly opts out.
            var requireBearerUser = new AuthorizationPolicyBuilder()
                .RequireAuthenticatedUser()
                .AddAuthenticationSchemes(bearerScheme)
                .Build();

            options.Filters.Add(new AuthorizeFilter(requireBearerUser));
        })
        .AddNewtonsoftJson(options =>
        {
            var json = options.SerializerSettings;
            json.ReferenceLoopHandling = ReferenceLoopHandling.Ignore;
            json.NullValueHandling = NullValueHandling.Ignore;
        });

    // NOTE(review): EnableDetailedErrors sends server-side exception detail to
    // connected clients. It is enabled unconditionally here; confirm this is
    // intended outside development, or gate it on the hosting environment.
    services
        .AddSignalR(options =>
        {
            options.EnableDetailedErrors = true;
        })
        .AddJsonProtocol();

    services.AddHttpContextAccessor();
}