public static AuthenticationBuilder AddJwtValidator(
this AuthenticationBuilder builder,
IConfiguration configuration)
{
builder.Services
.Configure <JwtValidatorSettings>(configuration.GetSection(nameof(JwtValidatorSettings)));
return(builder
.AddJwtBearer(options =>
{
var section = configuration.GetSection(nameof(JwtValidatorSettings));
var audience = section.GetValue <string>(nameof(JwtValidatorSettings.Audience));
var signingKey = section.GetValue <string>(nameof(JwtValidatorSettings.SigningKey));
options.SaveToken = true;
options.RequireHttpsMetadata = false;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = !string.IsNullOrWhiteSpace(audience),
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ValidIssuer = JwtDefaults.AuthenticationScheme,
ValidAudience = audience,
IssuerSigningKey = SymmetricSecurityKeyHelper.GetSymmetricSecurityKey(signingKey)
};
}));
}
public string Generate(string key, string audience, IEnumerable <Claim> claims, TimeSpan expiresTimeSpan)
{
var now = DateTime.UtcNow;
var expires = now.Add(expiresTimeSpan);
var securityKey = SymmetricSecurityKeyHelper.GetSymmetricSecurityKey(key);
var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
var jwt = new JwtSecurityToken(JwtDefaults.AuthenticationScheme, audience, claims, now, expires, credentials);
return(new JwtSecurityTokenHandler().WriteToken(jwt));
}