public static IServiceCollection AddAuth0([NotNull] this IServiceCollection services, [NotNull] Action <Auth0Options> configureAuth0Options) { Guard.NotNull(services, nameof(services)); Guard.NotNull(configureAuth0Options, nameof(configureAuth0Options)); var auth0Options = new Auth0Options(); configureAuth0Options(auth0Options); services.Configure(configureAuth0Options); services.AddOptions(); services.AddServices(); services.AddJwtBearerAuthentication(auth0Options); services.AddAuthorization(options => { foreach (string policy in auth0Options.Policies) { options.AddPolicy(policy, auth0Options.Domain); } }); return(services); }
public static AuthenticationBuilder AddAuth0(this AuthenticationBuilder builder, string authenticationScheme, string displayName, Action <Auth0Options> options) { var auth0Options = new Auth0Options() { }; options(auth0Options); return(builder.AddOpenIdConnect(authenticationScheme, displayName, oidc => { oidc.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme; oidc.SignOutScheme = IdentityServerConstants.SignoutScheme; oidc.Authority = $"https://{auth0Options.Domain}"; oidc.RequireHttpsMetadata = false; oidc.ClientId = auth0Options.ClientId; oidc.ClientSecret = auth0Options.ClientSecret; oidc.ResponseType = "code"; oidc.Scope.Add("openid"); oidc.Scope.Add("profile"); oidc.CallbackPath = new PathString($"/signin-{authenticationScheme}"); oidc.ClaimsIssuer = "Auth0"; oidc.Events = new OpenIdConnectEvents { OnTokenResponseReceived = (context) => { var logger = context.HttpContext.RequestServices.GetRequiredService <ILogger <Startup> >(); logger.LogInformation(context.TokenEndpointResponse.IdToken); return Task.CompletedTask; }, // handle the logout redirection OnRedirectToIdentityProviderForSignOut = (context) => { var logoutUri = $"https://{auth0Options.Domain}/v2/logout?client_id={auth0Options.ClientId}"; var postLogoutUri = context.Properties.RedirectUri; if (!string.IsNullOrEmpty(postLogoutUri)) { if (postLogoutUri.StartsWith("/")) { // transform to absolute var request = context.Request; postLogoutUri = request.Scheme + "://" + request.Host + request.PathBase + postLogoutUri; } logoutUri += $"&returnTo={ Uri.EscapeDataString(postLogoutUri)}"; } context.Response.Redirect(logoutUri); context.HandleResponse(); return Task.CompletedTask; } }; })); }
private static void AddJwtBearerAuthentication(this IServiceCollection services, Auth0Options auth0Options) { services.AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }).AddJwtBearer(options => { options.Authority = auth0Options.JwtAuthority; options.Audience = auth0Options.JwtAudience; }); }