public static IServiceCollection AddApiJwtAuthentication(
this IServiceCollection services,
JwtOptions tokenOptions,
IWebHostEnvironment environment)
{
if (tokenOptions == null)
{
throw new ArgumentNullException(
$"{nameof(tokenOptions)} is a required parameter. " +
"Please make sure you've provided a valid instance with the appropriate values configured.");
}
services.AddScoped <IJwtTokenHandler, JwtTokenHandler>(serviceProvider =>
new JwtTokenHandler(tokenOptions));
services.AddAuthorization();
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultSignInScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(
JwtBearerDefaults.AuthenticationScheme,
options =>
{
options.RequireHttpsMetadata = true;
options.SaveToken = true;
options.TokenValidationParameters = tokenOptions.ToTokenValidationParams();
options.Events = new JwtBearerEvents
{
OnAuthenticationFailed = context =>
{
if (context.Exception.GetType() == typeof(SecurityTokenExpiredException))
{
context.Response.Headers.Add("Token-Expired", "true");
}
return(Task.CompletedTask);
}
};
});
return(services);
}
