public static IServiceCollection AddSecurity( this IServiceCollection services, IConfiguration configuration) { services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options => { options.TokenValidationParameters = new TokenValidationParameters() { ValidateIssuer = true, ValidateAudience = true, ValidateLifetime = true, ValidateIssuerSigningKey = true, ClockSkew = TimeSpan.Zero, ValidIssuer = configuration["JWT:Issuer"], ValidAudience = configuration["JWT:Audience"], IssuerSigningKey = new SymmetricSecurityKey( Encoding.UTF8.GetBytes(configuration["JWT:Secret"])) }; options.Events = new JwtBearerEvents() { OnAuthenticationFailed = context => { if (context.Exception is SecurityTokenExpiredException) { context.Response.Headers.Add("RefreshToken", "true"); } var response = new UnauthorizedApiResponse("Token has expired."); var body = ObjectToJson.ToByteArray(response); context.Response.StatusCode = response.Status; context.Response.ContentType = "application/json"; context.Response.Body.Write(body, 0, body.Length); return(Task.CompletedTask); }, OnForbidden = context => { var response = new ForbiddenApiResponse(); var body = ObjectToJson.ToByteArray(response); context.Response.StatusCode = response.Status; context.Response.ContentType = "application/json"; context.Response.Body.Write(body, 0, body.Length); return(Task.CompletedTask); } }; }); services.AddAuthorization(); // Solution wide DI services.AddScoped <IIdentityService, IdentityService>(); // Project wide DI services.AddScoped <IAuthenticationService, AuthenticationService>(); services.AddScoped <ITokenGenerator, TokenGenerator>(); services.AddScoped <IUserService, UserService>(); return(services); }
protected ResponseMessage UnauthorizedResponse(string title = null) { var response = new UnauthorizedApiResponse(title); return(new ResponseMessage(response.Status, response)); }