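/// <summary>
/// Registers the application's services with the dependency-injection container:
/// options binding, the SQL Server <c>AppDbContext</c>, the auth and to-do services,
/// JWT bearer authentication, a CORS policy, MVC with a global authorization filter,
/// and the SPA static-file root.
/// </summary>
/// <param name="services">The service collection to add registrations to.</param>
/// <exception cref="System.InvalidOperationException">
/// Thrown when the JWT bearer options are built and <c>AppOptions:JwtSecretKey</c>
/// is missing or empty.
/// </exception>
public void ConfigureServices(IServiceCollection services)
{
    MappingService.Initialize();

    services.Configure<AppOptions>(Configuration.GetSection("AppOptions"));

    services.AddDbContext<AppDbContext>(options =>
        options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));

    services.AddScoped<IAuthService, AuthService>();
    services.AddScoped<TodoItemService>();

    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(options =>
        {
            // Without this check a missing key surfaces as an opaque ArgumentNullException
            // from Encoding.GetBytes; report the misconfiguration by name instead.
            var jwtSecretKey = Configuration["AppOptions:JwtSecretKey"];
            if (string.IsNullOrEmpty(jwtSecretKey))
            {
                throw new System.InvalidOperationException(
                    "AppOptions:JwtSecretKey is not configured; it is required to validate JWT signatures.");
            }

            // NOTE(review): this flag only governs retrieval of Authority/metadata documents.
            // None is configured here, so it has no effect today, but leaving it false would
            // permit plain-HTTP metadata if an Authority is added later. Prefer true outside
            // local development.
            options.RequireHttpsMetadata = false;
            options.SaveToken = true;
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuer = true,
                ValidateAudience = true,
                ValidateLifetime = true,
                ValidateIssuerSigningKey = true,
                // Issuer and audience are both pinned to the same configured value.
                ValidIssuer = Configuration["AppOptions:AppDns"],
                ValidAudience = Configuration["AppOptions:AppDns"],
                // NOTE(review): symmetric key, so whoever can read this setting can mint valid
                // tokens. Confirm it is a long random value loaded from a secret store rather
                // than a passphrase committed with the configuration file.
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSecretKey))
            };
            options.Events = new JwtBearerEvents
            {
                OnTokenValidated = context =>
                {
                    // Add the access_token as a claim, as we may actually need it.
                    // NOTE(review): the raw bearer token is a credential. As a claim it travels
                    // with the principal and is exposed by anything that logs or serializes
                    // claims. SaveToken = true already keeps the token in the authentication
                    // properties, so consider reading it from there instead.
                    if (context.SecurityToken is JwtSecurityToken accessToken
                        && context.Principal.Identity is ClaimsIdentity identity)
                    {
                        identity.AddClaim(new Claim("access_token", accessToken.RawData));
                    }

                    return Task.CompletedTask;
                }
            };
        });

    services.AddCors(options =>
    {
        options.AddPolicy("EnableCORS", builder =>
        {
            // NOTE(review): any origin combined with credentials lets every website make
            // credentialed cross-origin requests to this API and read the responses. Later
            // ASP.NET Core versions reject this combination. Replace AllowAnyOrigin() with an
            // explicit origin list, or drop AllowCredentials() if the client does not rely on
            // cookies. Left unchanged here because the allowed origins are not known from
            // this method.
            builder.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod().AllowCredentials().Build();
        });
    });

    // Every MVC endpoint requires an authenticated user unless it opts out explicitly.
    var defaultPolicy = new AuthorizationPolicyBuilder()
        .RequireAuthenticatedUser()
        .Build();

    services.AddMvc(setup =>
        {
            setup.Filters.Add(new AuthorizeFilter(defaultPolicy));
        })
        .SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

    services.AddSpaStaticFiles(configuration =>
    {
        configuration.RootPath = "ClientApp/dist";
    });
}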