// This method works specifically for single tenant application. private static void RegisterAuthenticationServices( IServiceCollection services, IConfiguration configuration) { AuthenticationServiceCollectionExtensions.ValidateAuthenticationConfigurationSettings(configuration); services.AddAuthentication(options => { options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; }) .AddJwtBearer(options => { var azureADOptions = new AzureADOptions(); configuration.Bind("AzureAd", azureADOptions); options.Authority = $"{azureADOptions.Instance}{azureADOptions.TenantId}/v2.0"; options.TokenValidationParameters = new TokenValidationParameters { ValidAudiences = AuthenticationServiceCollectionExtensions.GetValidAudiences(configuration), ValidIssuers = AuthenticationServiceCollectionExtensions.GetValidIssuers(configuration), AudienceValidator = AuthenticationServiceCollectionExtensions.AudienceValidator, }; }); }
// This method works specifically for single tenant application. private static void RegisterAuthenticationServices( IServiceCollection services, IConfiguration configuration) { AuthenticationServiceCollectionExtensions.ValidateAuthenticationConfigurationSettings(configuration); var atWorkRioIdentityOptions = configuration.GetSection("AtWorkRioIdentity").Get <AtWorkRioIdentityOptions>(); services.AddTransient <AtWorkRioIdentityOptions>(svc => atWorkRioIdentityOptions); services.AddSingleton((serviceProvider) => { var options = serviceProvider.GetService <AtWorkRioIdentityOptions>(); return(new DiscoveryCache(options.Authority)); }); services .AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options => { var azureADOptions = new AzureADOptions(); configuration.Bind("AzureAd", azureADOptions); options.Authority = $"{azureADOptions.Instance}{azureADOptions.TenantId}/v2.0"; options.TokenValidationParameters = new TokenValidationParameters { ValidAudiences = AuthenticationServiceCollectionExtensions.GetValidAudiences(configuration), ValidIssuers = AuthenticationServiceCollectionExtensions.GetValidIssuers(configuration), AudienceValidator = AuthenticationServiceCollectionExtensions.AudienceValidator, }; }) .AddIdentityServerAuthentication(PolicyNames.AtWorkRioIdentity, options => { options.Authority = atWorkRioIdentityOptions.Authority; options.ApiName = atWorkRioIdentityOptions.ApiName; options.ApiSecret = atWorkRioIdentityOptions.ApiSecret; options.RequireHttpsMetadata = false; }) ; }