예제 #1
        /// <summary>
        /// Registers JWT bearer authentication and makes it the default scheme for both
        /// authenticating requests and issuing challenges.
        /// </summary>
        /// <param name="services">Service collection the authentication handlers are added to.</param>
        private void AddAuthentication(IServiceCollection services)
        {
            // Issuer, audience, signature and lifetime checks are all switched on explicitly,
            // so a token failing any one of them is rejected by the bearer handler.
            var jwtValidation = new TokenValidationParameters();

            jwtValidation.ValidateIssuer = true;
            jwtValidation.ValidIssuer    = JwtBearerDefaultOptions.ISSUER;

            jwtValidation.ValidateAudience = true;
            jwtValidation.ValidAudience    = JwtBearerDefaultOptions.AUDIENCE;

            // The verification key comes from a helper defined outside this method.
            // NOTE(review): confirm the key material is loaded from configuration or a secret
            // store and is not a constant compiled into the assembly.
            // NOTE(review): ValidAlgorithms is not set, so the accepted signing algorithms are
            // not pinned here; consider restricting them to the one the issuer uses.
            jwtValidation.ValidateIssuerSigningKey = true;
            jwtValidation.IssuerSigningKey         = JwtBearerDefaultOptions.GetSecurityKey();

            // ClockSkew is left untouched, so the library default tolerance (five minutes in
            // Microsoft.IdentityModel.Tokens) still applies on top of the token's expiry.
            jwtValidation.ValidateLifetime = true;

            var authenticationBuilder = services.AddAuthentication(schemes =>
            {
                schemes.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                schemes.DefaultChallengeScheme    = JwtBearerDefaults.AuthenticationScheme;
            });

            authenticationBuilder.AddJwtBearer(bearer =>
            {
                // RequireHttpsMetadata governs the metadata address / authority only. No
                // Authority is configured in this method, so signing keys come solely from
                // IssuerSigningKey above; HTTPS for the API itself must be enforced elsewhere.
                bearer.RequireHttpsMetadata      = true;
                bearer.TokenValidationParameters = jwtValidation;
            });
        }
예제 #2
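        /// <summary>
        /// Completes the Facebook authorization-code flow: exchanges <paramref name="code"/> for an
        /// access token, reads the user's profile, finds or creates the matching local user by
        /// e-mail, and returns a locally signed JWT together with the user's display name.
        /// </summary>
        /// <param name="code">Authorization code received on the OAuth redirect (caller-supplied, untrusted).</param>
        /// <param name="redirectURI">Redirect URI sent with the token request (caller-supplied, untrusted).</param>
        /// <returns>The encoded JWT and "Name Surname" of the signed-in user.</returns>
        /// <exception cref="ArgumentException"><paramref name="code"/> or <paramref name="redirectURI"/> is missing.</exception>
        /// <exception cref="InvalidOperationException">
        /// Facebook credentials are not configured, or the provider response lacks an access token,
        /// a profile, or an e-mail address.
        /// </exception>
        public async Task <ExternalAuthenticationResponseData> Login(string code, string redirectURI)
        {
            if (string.IsNullOrWhiteSpace(code))
            {
                throw new ArgumentException("Authorization code is required.", nameof(code));
            }

            if (string.IsNullOrWhiteSpace(redirectURI))
            {
                throw new ArgumentException("Redirect URI is required.", nameof(redirectURI));
            }

            // NOTE(review): nothing in this method checks an OAuth "state" value or compares
            // redirectURI with a server-side allowlist; confirm the caller does both.

            string appId     = _configuration["Authentication:Facebook:AppId"];
            string appSecret = _configuration["Authentication:Facebook:AppSecret"];

            if (string.IsNullOrEmpty(appId) || string.IsNullOrEmpty(appSecret))
            {
                throw new InvalidOperationException("Facebook AppId/AppSecret are not configured.");
            }

            // Every value is percent-encoded before it is placed in the query string. Without this,
            // a '&' or '#' inside code/redirectURI would add or override parameters of the token
            // request, which also carries the application secret.
            // NOTE(review): the secret and, below, the access token are sent as query parameters;
            // make sure request URLs are never written to application, client or proxy logs.
            var accessTokenResponse = await _httpClient.GetStringAsync($"{FacebookDefaultOptions.AccessTokenURI}" +
                                                                       $"client_id={Uri.EscapeDataString(appId)}&" +
                                                                       $"client_secret={Uri.EscapeDataString(appSecret)}&" +
                                                                       $"redirect_uri={Uri.EscapeDataString(redirectURI)}&" +
                                                                       $"code={Uri.EscapeDataString(code)}");

            var accessToken = JsonConvert.DeserializeObject <FacebookAccessTokenResponse>(accessTokenResponse);

            // DeserializeObject returns null for an empty or "null" payload; fail with a clear error
            // instead of a NullReferenceException further down.
            if (accessToken == null || string.IsNullOrEmpty(accessToken.AccessToken))
            {
                throw new InvalidOperationException("Facebook token response did not contain an access token.");
            }

            // Getting user info
            var userInfoResponse = await _httpClient.GetStringAsync($"{FacebookDefaultOptions.UserInfoURI}" +
                                                                    $"fields=email,first_name,last_name,location&" +
                                                                    $"access_token={Uri.EscapeDataString(accessToken.AccessToken)}");

            var userInfo = JsonConvert.DeserializeObject <FacebookUserInfoResponse>(userInfoResponse);

            if (userInfo == null)
            {
                throw new InvalidOperationException("Facebook user info response was empty.");
            }

            // The local account is looked up by e-mail alone. A profile without one must be rejected,
            // otherwise every such login would resolve to (or create) the same empty-e-mail user.
            // NOTE(review): confirm that linking purely on the provider-reported e-mail is acceptable
            // for accounts that were created through other sign-in paths.
            if (string.IsNullOrWhiteSpace(userInfo.Email))
            {
                throw new InvalidOperationException("Facebook profile did not include an e-mail address.");
            }

            // NOTE(review): Location is dereferenced unconditionally; presumably it is absent when
            // the user did not share a location, which would throw here. Confirm the intended fallback.
            userInfo.ChangeLocation(ConvertNameToAddress(userInfo.Location.name.Value));

            // Issue a token for the existing user, creating the user first when none is found.
            var user = await _userRepository.FindUserByEmailAsync(userInfo.Email);

            if (user == null)
            {
                // Reuse the instance that was persisted instead of building a second, identical one.
                user = new User(userInfo.Name, userInfo.Surname, userInfo.Email, userInfo.Location);

                await _userRepository.AddAsync(user);
            }

            var identity = GetIdentity(user.Name, user.Surname, user.Email);

            // Take one UTC timestamp so nbf and exp derive from the same instant.
            var issuedAt = DateTime.UtcNow;

            // HMAC-SHA256 is symmetric: the key returned by GetSecurityKey() both signs and verifies,
            // so any component holding it can mint tokens.
            var jwtToken = new JwtSecurityToken(
                issuer: JwtBearerDefaultOptions.ISSUER,
                audience: JwtBearerDefaultOptions.AUDIENCE,
                notBefore: issuedAt,
                expires: issuedAt.AddSeconds(JwtBearerDefaultOptions.ExpirationInSeconds),
                claims: identity.Claims,
                signingCredentials: new SigningCredentials(JwtBearerDefaultOptions.GetSecurityKey(), SecurityAlgorithms.HmacSha256));

            var jwtTokenEncoded = new JwtSecurityTokenHandler().WriteToken(jwtToken);

            return(new ExternalAuthenticationResponseData(jwtTokenEncoded, $"{user.Name} {user.Surname}"));
        }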