public void ConfigureAuthZero(IAppBuilder app) { // Configure Auth0 parameters // var auth0Domain = $"https://{ConfigurationManager.AppSettings["Domain"]}/"; string auth0Domain = ConfigurationManager.AppSettings["auth0:Domain"]; string auth0ClientId = ConfigurationManager.AppSettings["auth0:ClientId"]; string auth0ClientSecret = ConfigurationManager.AppSettings["auth0:ClientSecret"]; string apiIdentifier = ConfigurationManager.AppSettings["auth0:Auth0ApiIdentifier"]; var keyResolver = new OpenIdConnectSigningKeyResolver(auth0Domain); app.UseJwtBearerAuthentication( new JwtBearerAuthenticationOptions { AuthenticationMode = AuthenticationMode.Active, TokenValidationParameters = new TokenValidationParameters() { ValidAudience = apiIdentifier, ValidIssuer = auth0Domain, IssuerSigningKeyResolver = (token, securityToken, identifier, parameters) => keyResolver.GetSigningKey(identifier) } }); }
public void Configuration(IAppBuilder app) { var domain = $"https://{ConfigurationManager.AppSettings["Auth0Domain"]}/"; var apiIdentifier = ConfigurationManager.AppSettings["Auth0ApiIdentifier"]; if (apiIdentifier != "") { var keyResolver = new OpenIdConnectSigningKeyResolver(domain); app.UseJwtBearerAuthentication( new JwtBearerAuthenticationOptions { AuthenticationMode = AuthenticationMode.Active, TokenValidationParameters = new TokenValidationParameters() { // causes this claim to be used as 'Identity.Name' NameClaimType = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", ValidAudience = apiIdentifier, ValidIssuer = domain, IssuerSigningKeyResolver = (token, securityToken, identifier, parameters) => keyResolver.GetSigningKey(identifier) } }); } // Configure Web API WebApiConfig.Configure(app); GlobalConfiguration.Configure(CorsConfig.RegisterCors); }
private static TokenValidationParameters GetValidationParameters(string authority, string issuer) { var keyResolver = new OpenIdConnectSigningKeyResolver(authority); return(new TokenValidationParameters() { AuthenticationType = "Bearer", ValidIssuer = issuer, ValidateAudience = false, ValidateIssuer = true, RequireExpirationTime = false, ValidateLifetime = true, IssuerSigningKeyResolver = (token, securityToken, kid, parameters) => keyResolver.GetSigningKey(kid) }); }
public void Configuration(IAppBuilder app) { var domain = $"https://{ConfigurationManager.AppSettings["Auth0Domain"]}/"; var apiIdentifier = ConfigurationManager.AppSettings["Auth0ApiIdentifier"]; var keyResolver = new OpenIdConnectSigningKeyResolver(domain); app.UseJwtBearerAuthentication(new JwtBearerAuthenticationOptions { AuthenticationMode = AuthenticationMode.Active, TokenValidationParameters = new TokenValidationParameters() { ValidAudience = apiIdentifier, ValidIssuer = domain, IssuerSigningKeyResolver = (token, securityToken, identifier, parameters) => keyResolver.GetSigningKey(identifier) } }); WebApiConfig.Configure(app); }
private void ConfigureAuthZero(IAppBuilder app) { var domain = "https://" + ConfigurationManager.AppSettings["auth0:Domain"] + "/"; var apiIdentifier = ConfigurationManager.AppSettings["auth0:ClientId"]; // Api controllers with an [Authorize] attribute will be validated with JWT var keyResolver = new OpenIdConnectSigningKeyResolver(domain); app.UseJwtBearerAuthentication( new JwtBearerAuthenticationOptions { AuthenticationMode = AuthenticationMode.Active, TokenValidationParameters = new TokenValidationParameters() { ValidAudience = apiIdentifier, ValidIssuer = domain, IssuerSigningKeyResolver = (token, securityToken, identifier, parameters) => keyResolver.GetSigningKey(identifier) } }); }
public void Configuration(IAppBuilder app) { var domain = "https://dg-dev.onelogin.com/"; // $"https://{ConfigurationManager.AppSettings["Auth0Domain"]}/"; //var apiIdentifier = ConfigurationManager.AppSettings["Auth0ApiIdentifier"]; var keyResolver = new OpenIdConnectSigningKeyResolver("https://dg-dev.onelogin.com/oidc/"); app.UseJwtBearerAuthentication( new JwtBearerAuthenticationOptions { AuthenticationMode = AuthenticationMode.Active, TokenValidationParameters = new TokenValidationParameters() { ValidAudience = "2344ea80-496e-0135-23fd-0aa838f6b6c8106959", ValidIssuer = "https://openid-connect.onelogin.com/oidc", IssuerSigningKeyResolver = (token, securityToken, identifier, parameters) => keyResolver.GetSigningKey(identifier) } }); // Configure Web API WebApiConfig.Configure(app); }
public void Configuration(IAppBuilder app) { app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll); //<--Allows Cors again var domain = $"https://{ConfigurationManager.AppSettings["Auth0Domain"]}/"; var apiIdentifier = ConfigurationManager.AppSettings["Auth0ApiIdentifier"]; var keyResolver = new OpenIdConnectSigningKeyResolver(domain); app.UseJwtBearerAuthentication( new JwtBearerAuthenticationOptions { AuthenticationMode = AuthenticationMode.Active, TokenValidationParameters = new TokenValidationParameters() { ValidAudience = apiIdentifier, ValidIssuer = domain, IssuerSigningKeyResolver = (token, securityToken, kid, parameters) => keyResolver.GetSigningKey(kid) } }); // Configure Web API WebApiConfig.Configure(app); }
private void ConfigureAuth0(IAppBuilder app) { var domain = $"https://{ConfigurationManager.AppSettings["Auth0Domain"]}/"; var apiIdentifier = ConfigurationManager.AppSettings["Auth0ApiIdentifier"]; var keyResolver = new OpenIdConnectSigningKeyResolver(domain); app.UseJwtBearerAuthentication( new JwtBearerAuthenticationOptions { AuthenticationMode = AuthenticationMode.Active, TokenValidationParameters = new TokenValidationParameters() { ValidAudience = apiIdentifier, ValidIssuer = domain, IssuerSigningKeyResolver = (token, securityToken, kid, parameters) => keyResolver.GetSigningKey(kid), }, Provider = new OAuthBearerAuthenticationProvider() { OnValidateIdentity = AddClaim } } ); }
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864 public void ConfigureAuth(IAppBuilder app) { // Configure Auth0 parameters string auth0Domain = ConfigurationManager.AppSettings["auth0:Domain"]; string auth0ClientId = ConfigurationManager.AppSettings["auth0:ClientId"]; string auth0ClientSecret = ConfigurationManager.AppSettings["auth0:ClientSecret"]; string auth0RedirectUri = ConfigurationManager.AppSettings["auth0:RedirectUri"]; string auth0PostLogoutRedirectUri = ConfigurationManager.AppSettings["auth0:PostLogoutRedirectUri"]; string auth0apiIdentifier = ConfigurationManager.AppSettings["auth0:ClientId"]; // Auth0 docs are wrong, they want ClientId here not apiIdentifier string auth0apiDomain = $"https://{auth0Domain}/"; // Enable Kentor Cookie Saver middleware app.UseKentorOwinCookieSaver(); // Set Cookies as default authentication type app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = CookieAuthenticationDefaults.AuthenticationType, LoginPath = new PathString("/Account/Login") }); // Configure Auth0 JwtBearer authentication var keyResolver = new OpenIdConnectSigningKeyResolver(auth0apiDomain); app.UseJwtBearerAuthentication( new JwtBearerAuthenticationOptions { AuthenticationMode = AuthenticationMode.Active, TokenValidationParameters = new TokenValidationParameters() { ValidAudience = auth0apiIdentifier, ValidIssuer = auth0apiDomain, IssuerSigningKeyResolver = (token, securityToken, kid, parameters) => keyResolver.GetSigningKey(kid) } }); // Configure Auth0 authentication app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions { AuthenticationType = "Auth0", Authority = $"https://{auth0Domain}", ClientId = auth0ClientId, ClientSecret = auth0ClientSecret, RedirectUri = auth0RedirectUri, PostLogoutRedirectUri = auth0PostLogoutRedirectUri, ResponseType = OpenIdConnectResponseType.CodeIdTokenToken, Scope = "openid profile email", TokenValidationParameters = new TokenValidationParameters { NameClaimType = "name" }, Notifications = new OpenIdConnectAuthenticationNotifications { RedirectToIdentityProvider = notification => { if (notification.ProtocolMessage.RequestType == OpenIdConnectRequestType.Logout) { var logoutUri = $"https://{auth0Domain}/v2/logout?client_id={auth0ClientId}"; var postLogoutUri = notification.ProtocolMessage.PostLogoutRedirectUri; if (!string.IsNullOrEmpty(postLogoutUri)) { if (postLogoutUri.StartsWith("/")) { // transform to absolute var request = notification.Request; postLogoutUri = request.Scheme + "://" + request.Host + request.PathBase + postLogoutUri; } logoutUri += $"&returnTo={ Uri.EscapeDataString(postLogoutUri)}"; } notification.Response.Redirect(logoutUri); notification.HandleResponse(); } return(Task.FromResult(0)); } } }); }