/// <summary>
/// Registers JWT bearer authentication for a downstream API under a single scheme,
/// which is also passed to <c>AddAuthentication</c> as the default scheme.
/// </summary>
/// <remarks>
/// Tokens are verified against one symmetric key derived from the configured
/// <c>JwtSecret</c>. Issuer and audience validation are switched off here, so the
/// signature is the only check configured by this method that ties a token to this API.
/// Validation settings not assigned here keep the library defaults.
/// <paramref name="configureOptions"/> runs after these defaults are applied and can
/// tighten (or otherwise override) them.
/// </remarks>
/// <param name="services">Collection of app services.</param>
/// <param name="scheme">Scheme name for authentication.</param>
/// <param name="configuration">Configuration from which the options are loaded.</param>
/// <param name="configureOptions">Optional callback invoked last on the bearer options.</param>
/// <returns>The <paramref name="services"/> collection that was passed in.</returns>
public static IServiceCollection AddApiJwtAuthentication(
    this IServiceCollection services,
    string scheme,
    IConfiguration configuration,
    Action<JwtBearerOptions> configureOptions = null)
{
    ApiJwtAuthorizationOptions settings = configuration.GetSection<ApiJwtAuthorizationOptions>();

    // Runs when the bearer options are configured, not during this registration call,
    // so a missing or empty secret only surfaces at that point.
    void ConfigureBearer(JwtBearerOptions bearer)
    {
        bearer.RequireHttpsMetadata = settings.RequireHttpsMetadata;

        // The raw token is not stored with the authentication result.
        bearer.SaveToken = false;

        // NOTE(review): Encoding.ASCII replaces every non-ASCII character with '?',
        // so a secret containing such characters yields a weaker key than it appears to.
        // The token issuer has to derive its key bytes the same way; confirm before
        // switching encodings. The secret should also be long and random enough for
        // the HMAC algorithm in use.
        byte[] keyBytes = Encoding.ASCII.GetBytes(settings.JwtSecret);
        var signingKey = new SymmetricSecurityKey(keyBytes);

        var validation = new TokenValidationParameters();
        validation.ValidateIssuerSigningKey = true;
        validation.IssuerSigningKey = signingKey;

        // NOTE(review): with issuer and audience checks disabled, any token signed with
        // this shared secret is accepted regardless of who issued it or which service it
        // was meant for. If the secret is shared across services, enable these checks
        // through configureOptions.
        validation.ValidateIssuer = false;
        validation.ValidateAudience = false;
        bearer.TokenValidationParameters = validation;

        if (configureOptions != null)
        {
            configureOptions(bearer);
        }
    }

    var authentication = services.AddAuthentication(scheme);
    authentication.AddJwtBearer(scheme, ConfigureBearer);

    return services;
}
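/// <summary>
/// Registers JWT bearer authentication for a downstream API under every configured
/// scheme whose name appears in <paramref name="schemeNames"/>.
/// </summary>
/// <remarks>
/// When exactly one scheme matches, it is also registered as the default scheme;
/// with several matches no default scheme is set. Each scheme verifies tokens against
/// its own symmetric key derived from that scheme's <c>JwtSecret</c>. Issuer and audience
/// validation are switched off here, so the signature is the only check configured by
/// this method that ties a token to a scheme. <paramref name="configureOptions"/> runs
/// last for every scheme and can tighten (or otherwise override) these defaults.
/// </remarks>
/// <param name="services">Collection of app services.</param>
/// <param name="schemeNames">Scheme names for authentication.</param>
/// <param name="configuration">Configuration from which the options are loaded.</param>
/// <param name="configureOptions">Optional callback invoked last on each scheme's bearer options.</param>
/// <returns>The <paramref name="services"/> collection that was passed in.</returns>
/// <exception cref="ArgumentNullException"><paramref name="schemeNames"/> is null.</exception>
/// <exception cref="ArgumentException">None of the requested names matches a configured scheme.</exception>
public static IServiceCollection AddApiJwtAuthentication(
    this IServiceCollection services,
    IEnumerable<string> schemeNames,
    IConfiguration configuration,
    Action<JwtBearerOptions> configureOptions = null)
{
    if (schemeNames == null)
    {
        throw new ArgumentNullException(nameof(schemeNames));
    }

    ApiJwtAuthorizationOptions configuredOptionsList = configuration.GetSection<ApiJwtAuthorizationOptions>();

    // Snapshot lazy sequences once so they are not re-enumerated for every configured
    // scheme. A caller-supplied collection is used as-is so its own Contains semantics
    // (for example a custom comparer) still apply.
    ICollection<string> requestedNames = schemeNames as ICollection<string> ?? schemeNames.ToList();

    // Materialise the match list: it is inspected several times below (emptiness, count,
    // iteration) and a deferred query would re-run the filter each time.
    // Requested names without a configured scheme are dropped silently as long as at
    // least one name matches.
    // NOTE(review): anything that later refers to a dropped scheme name would find no
    // handler registered here; confirm whether a partial match should be an error.
    List<ApiJwtAuthorizationScheme> schemeList = configuredOptionsList.Schemes
        .Where(candidate => requestedNames.Contains(candidate.SchemeName))
        .ToList();

    if (schemeList.Count == 0)
    {
        throw new ArgumentException("No valid schemes for Api JWT authentication", nameof(schemeNames));
    }

    // A single match doubles as the default scheme; with several, none is made default.
    AuthenticationBuilder builder = schemeList.Count == 1
        ? services.AddAuthentication(schemeList[0].SchemeName)
        : services.AddAuthentication();

    foreach (var scheme in schemeList)
    {
        builder = builder.AddJwtBearer(scheme.SchemeName, x =>
        {
            x.RequireHttpsMetadata = scheme.RequireHttpsMetadata;

            // The raw token is not stored with the authentication result.
            x.SaveToken = false;

            x.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuerSigningKey = true,

                // NOTE(review): Encoding.ASCII replaces every non-ASCII character with '?',
                // so a secret containing such characters yields a weaker key than it
                // appears to. The token issuer has to derive its key bytes the same way;
                // confirm before switching encodings. Each scheme should have its own
                // sufficiently long, random secret.
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(scheme.JwtSecret)),

                // NOTE(review): with issuer and audience checks disabled, any token signed
                // with a scheme's secret is accepted regardless of who issued it or which
                // service it was meant for. Enable these checks through configureOptions
                // where secrets are shared.
                ValidateIssuer = false,
                ValidateAudience = false
            };

            configureOptions?.Invoke(x);
        });
    }

    return services;
}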