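/// <summary>
/// Adds JWT bearer validation and the token-issuing middleware to the pipeline.
/// Both are built from the same symmetric signing key, issuer and audience.
/// </summary>
/// <param name="app">The application pipeline the two middlewares are registered on.</param>
/// <exception cref="InvalidOperationException">
/// The configured signing secret is missing, or is shorter than 256 bits.
/// </exception>
private void ConfigureAuth(IApplicationBuilder app)
{
    // RFC 7518 section 3.2: an HS256 key must be at least as long as the hash output (256 bits).
    const int MinimumKeyBytes = 32;

    // The passphrase is the only thing protecting token integrity. Supply it from an
    // environment variable or secret store rather than a settings file kept in source control.
    string secretKey = Configuration.GetSection("TokenAuthentication:SecretKey").Value;
    if (string.IsNullOrWhiteSpace(secretKey))
    {
        // Fail at startup with the config key named, instead of an opaque ArgumentNullException
        // from Encoding.GetBytes. The message never includes the secret itself.
        throw new InvalidOperationException(
            "TokenAuthentication:SecretKey is not configured; a JWT signing key is required.");
    }

    // NOTE(review): ASCII encoding maps every non-ASCII character to '?', which quietly weakens
    // a secret containing such characters. Left as ASCII here because switching encodings would
    // change the key bytes; prefer a randomly generated ASCII/base64 secret.
    byte[] keyBytes = Encoding.ASCII.GetBytes(secretKey);
    if (keyBytes.Length < MinimumKeyBytes)
    {
        throw new InvalidOperationException(
            "TokenAuthentication:SecretKey is too short; HMAC-SHA256 needs at least " +
            MinimumKeyBytes + " bytes of key material.");
    }

    // One symmetric key both signs issued tokens and validates incoming ones.
    var signingKey = new SymmetricSecurityKey(keyBytes);

    // Read issuer and audience once so validation and issuance cannot drift apart.
    string issuer = Configuration.GetSection("TokenAuthentication:Issuer").Value;
    string audience = Configuration.GetSection("TokenAuthentication:Audience").Value;

    var tokenValidationParameters = new TokenValidationParameters
    {
        // The signature must verify against our key.
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = signingKey,

        // The iss claim must equal the configured issuer.
        ValidateIssuer = true,
        ValidIssuer = issuer,

        // The aud claim must equal the configured audience.
        ValidateAudience = true,
        ValidAudience = audience,

        // Reject expired tokens.
        ValidateLifetime = true,

        // Zero tolerance for clock drift: a token is rejected the instant it expires.
        // Raise this if the issuing and validating hosts do not share a clock.
        ClockSkew = TimeSpan.Zero
    };

    app.UseJwtBearerAuthentication(new JwtBearerOptions
    {
        AutomaticAuthenticate = true,
        AutomaticChallenge = true,
        TokenValidationParameters = tokenValidationParameters
    });

    // Token generation endpoint; signs with HMAC-SHA256 using the key validated above.
    var tokenProviderOptions = new Middleware.TokenProviderOptions()
    {
        Path = Configuration.GetSection("TokenAuthentication:TokenPath").Value,
        Audience = audience,
        Issuer = issuer,
        SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256),
    };

    app.UseMiddleware<Middleware.TokenProviderMiddleware>(Options.Create(tokenProviderOptions));
}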
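/// <summary>
/// Creates the token-issuing middleware.
/// </summary>
/// <param name="next">The next delegate in the request pipeline.</param>
/// <param name="options">Wrapper holding the token provider settings; its value is stored.</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="next"/> or <paramref name="options"/> is null.
/// </exception>
/// <exception cref="System.ArgumentException">
/// <paramref name="options"/> carries no value.
/// </exception>
public TokenProviderMiddleware(RequestDelegate next, IOptions<TokenProviderOptions> options)
{
    // Reject a broken registration at construction time rather than with a
    // NullReferenceException on the first request that reaches the middleware.
    if (next == null)
    {
        throw new System.ArgumentNullException(nameof(next));
    }

    if (options == null)
    {
        throw new System.ArgumentNullException(nameof(options));
    }

    if (options.Value == null)
    {
        throw new System.ArgumentException("Token provider options must have a value.", nameof(options));
    }

    _next = next;
    _options = options.Value;
}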