/// <summary>
/// Creates the authentication API and stores the injected collaborators in
/// the instance fields of the same name.
/// </summary>
/// <param name="signInManager">Identity sign-in manager for <c>ApplicationUser</c>.</param>
/// <param name="userManager">Identity user manager for <c>ApplicationUser</c>.</param>
/// <param name="mapper">Object mapper.</param>
/// <param name="logger">Logger typed to this class.</param>
/// <param name="emailSender">Service used to send e-mail.</param>
/// <param name="env">Web host environment.</param>
/// <param name="context">Accessor from which the current <c>HttpContext</c> is read.</param>
/// <param name="jwtService">Project JWT helper service.</param>
public AuthenticationApi(
    SignInManager<ApplicationUser> signInManager,
    UserManager<ApplicationUser> userManager,
    IMapper mapper,
    ILogger<AuthenticationApi> logger,
    IEmailSender emailSender,
    IWebHostEnvironment env,
    IHttpContextAccessor context,
    JwtService jwtService
)
{
    // Identity and token collaborators.
    this.jwtService = jwtService;
    this.userManager = userManager;
    this.signInManager = signInManager;

    // Supporting infrastructure.
    this.emailSender = emailSender;
    this.mapper = mapper;
    this.logger = logger;
    this.env = env;

    // NOTE(review): the HttpContext is read from the accessor once, here, and
    // the snapshot is kept in a field. That is only the current request's
    // context if this class is created per request; when it is constructed
    // outside a request, or held longer than one, the field is null or belongs
    // to an earlier request. The registration lifetime is not visible here.
    // Confirm it, or store the accessor and read HttpContext at the point of use.
    this.context = context.HttpContext;
}
/// <summary>
/// Registers the application's services with the dependency-injection
/// container: the SQL Server backed <c>ApplicationDbContext</c>, ASP.NET Core
/// Identity, JWT bearer authentication, the "AdminIce" authorization policy,
/// MVC controllers and Swagger document generation. Called by the runtime.
/// </summary>
/// <param name="services">Service collection the registrations are added to.</param>
public void ConfigureServices(IServiceCollection services)
{
    services.AddDbContext<ApplicationDbContext>(dbOptions =>
    {
        var sqlServerConnection = Configuration.GetConnectionString("DefaultConnection");
        dbOptions.UseSqlServer(sqlServerConnection);
    });

    #region Identity (UserManager / RoleManager)
    // AddIdentity is what makes UserManager, RoleManager and the other
    // Identity services resolvable through dependency injection. The type
    // arguments must name the customised user model (ApplicationUser here,
    // not the stock IdentityUser).
    var identity = services.AddIdentity<ApplicationUser, IdentityRole>();
    identity.AddEntityFrameworkStores<ApplicationDbContext>();

    services.AddScoped<UserService>();
    services.AddScoped<RoleService>();
    #endregion

    #region JWT bearer validation
    // Only required when this service exposes endpoints that need
    // authorization. Order matters: AddIdentity above also sets default
    // authentication schemes, and this later call replaces them with the
    // JWT bearer scheme.
    const string bearerScheme = JwtBearerDefaults.AuthenticationScheme;
    var authentication = services.AddAuthentication(schemes =>
    {
        schemes.DefaultScheme = bearerScheme;
        schemes.DefaultAuthenticateScheme = bearerScheme;
        schemes.DefaultChallengeScheme = bearerScheme;
    });

    authentication.AddJwtBearer(bearer =>
    {
        // NOTE(review): the symmetric signing key is a human-readable string
        // literal committed with the source, so everyone with access to the
        // repository or the compiled assembly holds the key that makes a token
        // valid. Load it from configuration or a secret store and rotate it,
        // together with the code that signs the tokens (not visible here).
        // An earlier comment said the secret comes from appsettings; this code
        // does not read it from there.
        var signingKeyBytes = Encoding.ASCII.GetBytes("this is my custom Secret key for authnetication");

        //bearer.SaveToken = true;

        var validation = new TokenValidationParameters();

        // NOTE(review): issuer and audience checks are switched off, so any
        // token signed with the key above is accepted no matter which service
        // issued it or which service it was meant for. Enable both and set
        // ValidIssuer / ValidAudience once the issuing side's values are known.
        validation.ValidateIssuer = false;
        validation.ValidateAudience = false;

        // Expired tokens are rejected.
        validation.ValidateLifetime = true;

        // The token signature must verify against IssuerSigningKey.
        validation.ValidateIssuerSigningKey = true;
        validation.IssuerSigningKey = new SymmetricSecurityKey(signingKeyBytes);

        bearer.TokenValidationParameters = validation;
    });
    #endregion

    #region Policy-based authorization
    // "AdminIce" is satisfied when JwtService.SetPolicyAdminForUserIce accepts
    // the authorization context; that method's rules are defined elsewhere.
    services.AddAuthorization(authorization =>
    {
        authorization.AddPolicy("AdminIce", policy =>
        {
            policy.RequireAssertion(handlerContext => JwtService.SetPolicyAdminForUserIce(handlerContext));
        });
    });
    #endregion

    services.AddControllers();

    services.AddSwaggerGen(swagger =>
    {
        var apiInfo = new OpenApiInfo { Title = "authentication", Version = "v1" };
        swagger.SwaggerDoc("v1", apiInfo);
    });
}
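/// <summary>
/// Registers the application's services with the dependency-injection
/// container: the PostgreSQL backed <c>ApplicationDbContext</c> (configured
/// from the DATABASE_URL environment variable), ASP.NET Core Identity, JWT
/// bearer authentication, the "AdminIce" authorization policy, MVC
/// controllers and Swagger document generation. Called by the runtime.
/// </summary>
/// <param name="services">Service collection the registrations are added to.</param>
public void ConfigureServices(IServiceCollection services)
{
    services.AddDbContext<ApplicationDbContext>(options =>
    {
        var connUrl = Environment.GetEnvironmentVariable("DATABASE_URL");
        options.UseNpgsql(BuildNpgsqlConnectionString(connUrl));
    });

    #region Identity (UserManager / RoleManager)
    // AddIdentity is what makes UserManager, RoleManager and the other
    // Identity services resolvable through dependency injection. The type
    // arguments must name the customised user model (ApplicationUser here,
    // not the stock IdentityUser).
    services.AddIdentity<ApplicationUser, IdentityRole>()
        .AddEntityFrameworkStores<ApplicationDbContext>();

    services.AddScoped<UserService>();
    services.AddScoped<RoleService>();
    #endregion

    #region JWT bearer validation
    // Only required when this service exposes endpoints that need
    // authorization. Order matters: AddIdentity above also sets default
    // authentication schemes, and this later call replaces them with the
    // JWT bearer scheme.
    services.AddAuthentication(options =>
    {
        options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    })
    .AddJwtBearer(jwt =>
    {
        // NOTE(review): the symmetric signing key is a human-readable string
        // literal committed with the source, so everyone with access to the
        // repository or the compiled assembly holds the key that makes a token
        // valid. It is left unchanged here because it has to change together
        // with the code that signs the tokens (not visible here); load it from
        // configuration or a secret store and rotate it. An earlier comment
        // said the secret comes from appsettings; this code does not read it
        // from there.
        var key = Encoding.ASCII.GetBytes("this is my custom Secret key for authnetication");

        //jwt.SaveToken = true;
        jwt.TokenValidationParameters = new TokenValidationParameters
        {
            // NOTE(review): issuer and audience checks are switched off, so
            // any token signed with the key above is accepted no matter which
            // service issued it or which service it was meant for. Enable both
            // and set ValidIssuer / ValidAudience once the values are known.
            ValidateIssuer = false,
            ValidateAudience = false,

            // Expired tokens are rejected.
            ValidateLifetime = true,

            // The token signature must verify against IssuerSigningKey.
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = new SymmetricSecurityKey(key)
        };
    });
    #endregion

    #region Policy-based authorization
    // "AdminIce" is satisfied when JwtService.SetPolicyAdminForUserIce accepts
    // the authorization context; that method's rules are defined elsewhere.
    services.AddAuthorization(options =>
    {
        options.AddPolicy("AdminIce", policy => policy.RequireAssertion(context => JwtService.SetPolicyAdminForUserIce(context)));
    });
    #endregion

    services.AddControllers();

    services.AddSwaggerGen(c =>
    {
        c.SwaggerDoc("v1", new OpenApiInfo { Title = "authentication", Version = "v1" });
    });
}

/// <summary>
/// Converts a <c>postgres://user:password@host:port/database</c> URL into a
/// keyword/value connection string for Npgsql.
/// </summary>
/// <remarks>
/// The URL is parsed with <see cref="Uri"/> instead of repeated string splits,
/// so a password containing ':' or a percent-encoded character, a missing
/// port, or a trailing query string no longer corrupts the result. The
/// connection string is assembled with a connection-string builder, which
/// quotes values, so a ';' inside the user name, password or database name
/// cannot introduce additional connection-string options.
/// </remarks>
/// <param name="databaseUrl">Value of the DATABASE_URL environment variable.</param>
/// <returns>The connection string passed to <c>UseNpgsql</c>.</returns>
/// <exception cref="InvalidOperationException">
/// The URL is missing, malformed, or lacks credentials. The messages never
/// include the URL itself because it carries the database password.
/// </exception>
private static string BuildNpgsqlConnectionString(string databaseUrl)
{
    if (string.IsNullOrWhiteSpace(databaseUrl))
    {
        throw new InvalidOperationException("The DATABASE_URL environment variable is not set.");
    }

    if (!Uri.TryCreate(databaseUrl.Trim(), UriKind.Absolute, out var dbUri)
        || !(dbUri.Scheme == "postgres" || dbUri.Scheme == "postgresql"))
    {
        throw new InvalidOperationException("DATABASE_URL is not a well-formed postgres:// URL.");
    }

    // Only the first ':' separates user name from password; later ones belong
    // to the password.
    var credentials = dbUri.UserInfo.Split(new[] { ':' }, 2);
    if (credentials.Length != 2 || credentials[0].Length == 0)
    {
        throw new InvalidOperationException("DATABASE_URL must contain a user name and a password.");
    }

    // Uri reports -1 when the URL names no port; fall back to the PostgreSQL default.
    var port = dbUri.Port > 0 ? dbUri.Port : 5432;

    var builder = new System.Data.Common.DbConnectionStringBuilder();
    builder["Server"] = dbUri.Host;
    builder["Port"] = port.ToString(System.Globalization.CultureInfo.InvariantCulture);
    builder["User Id"] = Uri.UnescapeDataString(credentials[0]);
    builder["Password"] = Uri.UnescapeDataString(credentials[1]);
    builder["Database"] = Uri.UnescapeDataString(dbUri.AbsolutePath.TrimStart('/'));

    // NOTE(review): sslmode=Require together with Trust Server Certificate=true
    // encrypts the connection but does not verify the server's certificate, so
    // the database server's identity is not authenticated. Kept as in the
    // original because changing it depends on the deployment's certificate
    // setup; prefer a certificate-verifying SSL mode where the Npgsql version
    // in use offers one and the server presents a certificate the client can
    // validate.
    builder["sslmode"] = "Require";
    builder["Trust Server Certificate"] = "true";

    return builder.ConnectionString;
}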
/// <summary>
/// Creates the JWT validation middleware and stores its two collaborators in
/// the instance fields of the same name.
/// </summary>
/// <param name="jwtService">Project JWT helper service.</param>
/// <param name="authApi">Authentication API used by the middleware.</param>
public JwtValidateMiddleware(JwtService jwtService, AuthenticationApi authApi)
{
    // NOTE(review): if this is a conventional (non-IMiddleware) ASP.NET Core
    // middleware (the class declaration is not visible here), the constructor
    // runs once at application startup, so both dependencies are held for the
    // application's lifetime. Services that carry per-request state should then
    // be taken as parameters of Invoke/InvokeAsync instead; confirm the
    // registered lifetimes of JwtService and AuthenticationApi.
    this.authApi = authApi;
    this.jwtService = jwtService;
}