public static void AddAccessTokens(this IServiceCollection services, IConfiguration configuration) { var section = configuration.GetSection("security:jwt"); var options = new AccessTokenOptions { Audience = section["audience"], Expiration = section.GetValue <TimeSpan>("expiration"), Issuer = section["issuer"], RefreshExpiration = section.GetValue <TimeSpan>("refreshExpiration"), SecurityKey = new SymmetricSecurityKey(Convert.FromBase64String(section["signingKey"])) }; options.SigningCredentials = new SigningCredentials(options.SecurityKey, SecurityAlgorithms.HmacSha256Signature); options.TokenValidationParameters = new TokenValidationParameters { IssuerSigningKey = options.SecurityKey, ValidAudience = options.Audience, ValidIssuer = options.Issuer, ValidateAudience = !string.IsNullOrEmpty(options.Audience), ValidateIssuer = !string.IsNullOrEmpty(options.Issuer), ValidateIssuerSigningKey = true }; services.AddAuthentication(auth => { auth.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; auth.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; auth.DefaultForbidScheme = JwtBearerDefaults.AuthenticationScheme; }) .AddJwtBearer(jwt => { jwt.RequireHttpsMetadata = false; jwt.SaveToken = true; jwt.TokenValidationParameters = options.TokenValidationParameters; }); services.AddSingleton(options); services.AddScoped <IAccessTokenProvider, AccessTokenProvider>(); }
public AccessTokenProvider(AccessTokenOptions options, UserManager <AthenaUser> userManager, AthenaData data) { this.options = options; this.userManager = userManager; this.data = data; }