/// <summary> /// Adds Bearer token processing to an HTTP application pipeline. This middleware understands appropriately /// formatted and secured tokens which appear in the request header. If the Options.AuthenticationMode is Active, the /// claims within the bearer token are added to the current request's IPrincipal User. If the Options.AuthenticationMode /// is Passive, then the current request is not modified, but IAuthenticationManager AuthenticateAsync may be used at /// any time to obtain the claims from the request's bearer token. /// See also http://tools.ietf.org/html/rfc6749 /// </summary> /// <param name="app">The application builder</param> /// <param name="configureOptions">Used to configure Middleware options.</param> /// <returns>The application builder</returns> public static IApplicationBuilder UseJwtBearerAuthentication([NotNull] this IApplicationBuilder app, Action<JwtBearerOptions> configureOptions) { var options = new JwtBearerOptions(); if (configureOptions != null) { configureOptions(options); } return app.UseJwtBearerAuthentication(options); }
public BaseJwtBearerContext(HttpContext context, JwtBearerOptions options) : base(context) { if (options == null) { throw new ArgumentNullException(nameof(options)); } Options = options; }
/// <summary> /// Adds the <see cref="JwtBearerMiddleware"/> middleware to the specified <see cref="IApplicationBuilder"/>, which enables Bearer token processing capabilities. /// This middleware understands appropriately /// formatted and secured tokens which appear in the request header. If the Options.AuthenticationMode is Active, the /// claims within the bearer token are added to the current request's IPrincipal User. If the Options.AuthenticationMode /// is Passive, then the current request is not modified, but IAuthenticationManager AuthenticateAsync may be used at /// any time to obtain the claims from the request's bearer token. /// See also http://tools.ietf.org/html/rfc6749 /// </summary> /// <param name="app">The <see cref="IApplicationBuilder"/> to add the middleware to.</param> /// <param name="configureOptions">An action delegate to configure the provided <see cref="JwtBearerOptions"/>.</param> /// <returns>A reference to this instance after the operation has completed.</returns> public static IApplicationBuilder UseJwtBearerAuthentication(this IApplicationBuilder app, Action<JwtBearerOptions> configureOptions) { if (app == null) { throw new ArgumentNullException(nameof(app)); } var options = new JwtBearerOptions(); if (configureOptions != null) { configureOptions(options); } return app.UseJwtBearerAuthentication(options); }
/// <summary> /// Adds the <see cref="JwtBearerMiddleware"/> middleware to the specified <see cref="IApplicationBuilder"/>, which enables Bearer token processing capabilities. /// This middleware understands appropriately /// formatted and secured tokens which appear in the request header. If the Options.AuthenticationMode is Active, the /// claims within the bearer token are added to the current request's IPrincipal User. If the Options.AuthenticationMode /// is Passive, then the current request is not modified, but IAuthenticationManager AuthenticateAsync may be used at /// any time to obtain the claims from the request's bearer token. /// See also http://tools.ietf.org/html/rfc6749 /// </summary> /// <param name="app">The <see cref="IApplicationBuilder"/> to add the middleware to.</param> /// <param name="options">A <see cref="JwtBearerOptions"/> that specifies options for the middleware.</param> /// <returns>A reference to this instance after the operation has completed.</returns> public static IApplicationBuilder UseJwtBearerAuthentication(this IApplicationBuilder app, JwtBearerOptions options) { if (app == null) { throw new ArgumentNullException(nameof(app)); } if (options == null) { throw new ArgumentNullException(nameof(options)); } return app.UseMiddleware<JwtBearerMiddleware>(options); }
public static String GenerateToken(this JwtSecurityTokenHandler tokenHandler, JwtBearerOptions options, SigningCredentials signingCredentials, ClaimsIdentity identity) { if (tokenHandler == null) throw new ArgumentNullException(nameof(tokenHandler)); if (options == null) throw new ArgumentNullException(nameof(options)); if (signingCredentials == null) throw new ArgumentNullException(nameof(signingCredentials)); if (identity == null) throw new ArgumentNullException(nameof(identity)); var token = tokenHandler.CreateToken( issuer: options.TokenValidationParameters.ValidIssuer, audience: options.TokenValidationParameters.ValidAudience, signingCredentials: signingCredentials, subject: identity); return tokenHandler.WriteToken(token); }
public ReceivedTokenContext(HttpContext context, JwtBearerOptions options) : base(context, options) { }
private static JwtBearerOptions ConfigureJwt(IdentityServerAuthenticationOptions options) { var jwtOptions = new JwtBearerOptions { AuthenticationScheme = options.AuthenticationScheme, Authority = options.Authority, RequireHttpsMetadata = false, AutomaticAuthenticate = options.AutomaticAuthenticate, AutomaticChallenge = options.AutomaticChallenge, BackchannelTimeout = options.BackChannelTimeouts, RefreshOnIssuerKeyNotFound = true, Events = new JwtBearerEvents { OnReceivingToken = e => { e.Token = _tokenRetriever(e.Request); return Task.FromResult(0); }, OnValidatedToken = e => { if (options.SaveTokensAsClaims) { e.AuthenticationTicket.Principal.Identities.First().AddClaim( new Claim("access_token", _tokenRetriever(e.Request))); } return Task.FromResult(0); } } }; if (options.JwtBackChannelHandler != null) { jwtOptions.BackchannelHttpHandler = options.JwtBackChannelHandler; } jwtOptions.TokenValidationParameters.ValidateAudience = false; jwtOptions.TokenValidationParameters.NameClaimType = options.NameClaimType; jwtOptions.TokenValidationParameters.RoleClaimType = options.RoleClaimType; return jwtOptions; }
public AuthenticationFailedContext(HttpContext context, JwtBearerOptions options) : base(context, options) { }
public ValidatedTokenContext(HttpContext context, JwtBearerOptions options) : base(context, options) { }
public ReceivingTokenContext(HttpContext context, JwtBearerOptions options) : base(context, options) { }
public JwtBearerChallengeContext(HttpContext context, JwtBearerOptions options) : base(context, options) { }