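/// <summary>
/// Registers the OAuth authorization server (token endpoint at <c>/token</c>) and JWT bearer
/// authentication on the OWIN pipeline, using the issuer, audience, secret and token lifetime
/// taken from <paramref name="config"/>.
/// </summary>
/// <param name="app">OWIN application builder the two middlewares are registered on.</param>
/// <param name="config">Token configuration (issuer, audience id, Base64Url secret, lifetime, HTTP policy).</param>
/// <exception cref="ArgumentNullException"><paramref name="app"/> or <paramref name="config"/> is null.</exception>
/// <exception cref="ArgumentException">The configured secret is null, empty or whitespace.</exception>
public void ConfigureAuth(IAppBuilder app, PortalJwtTokenConfiguration config)
{
    if (app == null)
    {
        throw new ArgumentNullException("app");
    }

    if (config == null)
    {
        throw new ArgumentNullException("config");
    }

    // Fail closed at startup: without a signing secret, bearer tokens cannot be validated meaningfully.
    if (string.IsNullOrWhiteSpace(config.Secret))
    {
        throw new ArgumentException("A signing secret must be configured.", "config");
    }

    var issuer = config.Issuer;

    var oAuthServerOptions = new OAuthAuthorizationServerOptions
    {
        // NOTE(review): when this is true, credentials and tokens cross the token endpoint in clear text.
        // Keep it false outside local development.
        AllowInsecureHttp = config.AllowInsecureHttp,
        TokenEndpointPath = new PathString("/token"),
        AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(config.AccessTokenExpiryTimeInMinutes),
        Provider = new CustomOAuthProvider(config),
        AccessTokenFormat = new CustomJwtFormat(config)
    };

    app.UseOAuthAuthorizationServer(oAuthServerOptions);

    var audience = config.AudienceId;

    // NOTE(review): the signing algorithm lives in CustomJwtFormat (not visible here). For an HMAC
    // algorithm the decoded key should be at least as long as the hash output (32 bytes for HS256),
    // and the secret should come from a protected store rather than source control - confirm both.
    var secret = TextEncodings.Base64Url.Decode(config.Secret);

    app.UseJwtBearerAuthentication(
        new JwtBearerAuthenticationOptions
        {
            AuthenticationMode = AuthenticationMode.Active,
            AllowedAudiences = new[] { audience },
            IssuerSecurityTokenProviders = new IIssuerSecurityTokenProvider[]
            {
                new SymmetricKeyIssuerSecurityTokenProvider(issuer, secret)
            },
            Provider = new OAuthBearerAuthenticationProvider
            {
                // Not async: nothing is awaited here, so return a completed task directly,
                // the same way OnValidateIdentity does.
                OnApplyChallenge = context =>
                {
                    var authHeader = context.Request.Headers.GetValues("Authorization");

                    // The auth scheme is a protocol token, so compare ordinally. A culture-sensitive
                    // comparison skips ignorable characters and varies with the server locale.
                    // An empty header list also fails Any(...), so no separate emptiness check is needed.
                    var hasBearerScheme = authHeader != null
                        && authHeader.Any(value => value.StartsWith("bearer", StringComparison.OrdinalIgnoreCase));

                    if (!hasBearerScheme)
                    {
                        // Only the fact that the header is missing is logged, never its value.
                        Logger.Warn("Missing Authorization Bearer Token");

                        // NOTE(review): RFC 6750 section 3 expects 401 plus a WWW-Authenticate challenge when
                        // no credentials are sent. 400 is kept because existing clients may rely on it.
                        // Assigning this handler presumably also replaces the provider's default challenge
                        // behaviour - confirm whether the WWW-Authenticate header is still wanted on 401s.
                        context.Response.StatusCode = 400;
                    }

                    return Task.FromResult<object>(null);
                },
                OnValidateIdentity = context =>
                {
                    // NOTE(review): every validated identity receives this same constant claim. It looks
                    // like a sample placeholder - confirm it is intended, and do not base authorization
                    // decisions on it.
                    context.Ticket.Identity.AddClaim(new System.Security.Claims.Claim("newCustomClaim", "newValue"));
                    return Task.FromResult<object>(null);
                }
            }
        });
}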
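/// <summary>
/// Initializes the instance with the token configuration and stores it in <c>_config</c>.
/// </summary>
/// <param name="config">Token configuration to keep for later use.</param>
/// <exception cref="ArgumentNullException"><paramref name="config"/> is null.</exception>
public CustomJwtFormat(PortalJwtTokenConfiguration config)
{
    // Reject a missing configuration at construction time instead of failing later with a
    // NullReferenceException when _config is first read.
    if (config == null)
    {
        throw new ArgumentNullException("config");
    }

    _config = config;
}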
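/// <summary>
/// Initializes the provider with the token configuration and stores it in <c>_config</c>.
/// </summary>
/// <param name="config">Token configuration to keep for later use.</param>
/// <exception cref="ArgumentNullException"><paramref name="config"/> is null.</exception>
public CustomOAuthProvider(PortalJwtTokenConfiguration config)
{
    // Reject a missing configuration at construction time instead of failing later with a
    // NullReferenceException when _config is first read.
    if (config == null)
    {
        throw new ArgumentNullException("config");
    }

    _config = config;
}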