// Note: `logger` is assumed to be a static ILogger field of the enclosing static class (not shown on the page).
public static void SetJwtBearer(this IApplicationBuilder app, Auth0Settings settings, Func<ClaimsIdentity, Task> onTokenValidated)
{
    var options = new JwtBearerOptions()
    {
        // Only accept tokens issued for this Auth0 client.
        Audience = settings.ClientId,
        // The Auth0 tenant that issues the tokens.
        Authority = $"https://{settings.Domain}",
        Challenge = $"Bearer realm=\"{settings.Domain}\", scope=\"client_id={settings.ClientId} service=\"",
        Events = new JwtBearerEvents
        {
            OnAuthenticationFailed = context =>
            {
                logger.LogDebug("Authentication failed.", context.Exception);
                return Task.FromResult(0);
            },
            OnChallenge = context =>
            {
                logger.LogDebug("Bearer Auth OnChallenge.");
                return Task.FromResult(true);
            },
            OnMessageReceived = context =>
            {
                logger.LogDebug("Bearer Auth OnMessageReceived");
                return Task.FromResult(true);
            },
            OnTokenValidated = async context =>
            {
                // Hand the validated identity to the caller-supplied callback.
                var claimsIdentity = context.Ticket.Principal.Identity as ClaimsIdentity;
                logger.LogInformation($"{claimsIdentity?.Name} authenticated using bearer authentication.");
                await onTokenValidated(claimsIdentity);
            }
        }
    };

    app.UseJwtBearerAuthentication(options);

    // This is a hack, which hopefully will be solved with RC2 of .NET Core.
    // * The problem has been discussed here: https://github.com/aspnet/Security/issues/555
    // * The workaround got copied from here: https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server/issues/191
    app.Use(next => async context =>
    {
        try
        {
            await next(context);
        }
        catch (SecurityTokenException)
        {
            // If the headers have already been sent, you can't replace the status code.
            // In this case, throw an exception to close the connection.
            if (context.Response.HasStarted)
            {
                throw;
            }

            context.Response.StatusCode = 401;
        }
    });
}