Exemplo n.º 1
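        /// <summary>
        /// Adds the requested minter strategy implementation to the service collection and,
        /// for JWS, registers the matching JWT bearer authentication and claim-based policies.
        /// </summary>
        /// <param name="services">Service collection that receives the <c>ITokenMinter</c> singleton and the auth registrations.</param>
        /// <param name="type">Token format to configure. Only <c>TokenMinterTypes.JWS</c> is implemented.</param>
        /// <param name="configuration">Configuration source; its "MinterOptions" section is bound onto a new <c>MinterOptions</c> instance.</param>
        /// <exception cref="ArgumentNullException"><paramref name="services"/> or <paramref name="configuration"/> is null.</exception>
        /// <exception cref="NotImplementedException"><paramref name="type"/> is JWE or PaSeTo.</exception>
        /// <exception cref="ArgumentOutOfRangeException"><paramref name="type"/> is any other value.</exception>
        public static void AddTokenAuth(this IServiceCollection services, TokenMinterTypes type, IConfiguration configuration)
        {
            if (services == null)
            {
                throw new ArgumentNullException(nameof(services));
            }

            if (configuration == null)
            {
                throw new ArgumentNullException(nameof(configuration));
            }

            switch (type)
            {
                case TokenMinterTypes.JWS:
                {
                    var options = new MinterOptions();
                    configuration.Bind("MinterOptions", options);
                    // NOTE(review): Bind leaves properties at their defaults when the section or a key
                    // is missing; MinterOptions is not shown here, so confirm that required values
                    // (e.g. Issuer) are validated before tokens are minted.

                    // A single minter instance is registered as the singleton AND supplies the
                    // validation parameters, so minting and bearer validation use the same instance's settings.
                    var minter = new JwsMinter(options);
                    services.AddSingleton<ITokenMinter>(minter);
                    _ConfigureForJwtAuth(services, configuration, minter.ValidationParameters, options);
                    break;
                }

                case TokenMinterTypes.JWE:
                case TokenMinterTypes.PaSeTo:
                    throw new NotImplementedException();

                default:
                    // Fail closed: an unrecognised value previously fell through silently, leaving the
                    // application with no token minter and no authentication scheme registered.
                    throw new ArgumentOutOfRangeException(nameof(type), type, "Unsupported token minter type.");
            }
        }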
Exemplo n.º 2
        /// <summary>
        /// Registers the services needed for JWT bearer authentication: the claims-identity
        /// compatibility shim, the JwtBearer scheme as the authenticate/challenge default, and the
        /// claim-based authorization policies.
        /// </summary>
        /// <param name="services">Service collection to register into.</param>
        /// <param name="configuration">Not read by this method.</param>
        /// <param name="tokenValidationParameters">
        /// Parameters handed unchanged to the JwtBearer handler. Which checks are enforced (signature,
        /// issuer, audience, lifetime) is decided entirely by the caller that builds this object.
        /// </param>
        /// <param name="minterOptions">Supplies the <c>Issuer</c> used as the handler's claims issuer.</param>
        private static void _ConfigureForJwtAuth(IServiceCollection services,
                                                 IConfiguration configuration,
                                                 TokenValidationParameters tokenValidationParameters,
                                                 MinterOptions minterOptions)
        {
            // JWT-specific ClaimsIdentityCompat implementation.
            services.AddTransient<IClaimIdentityCompat, ClaimsIdentityCompat>();

            // Authentication: JwtBearer is both the authenticate and the challenge default.
            // options.DefaultScheme is not assigned here.
            var authBuilder = services.AddAuthentication(auth =>
            {
                auth.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                auth.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            });

            authBuilder.AddJwtBearer(bearer =>
            {
                bearer.ClaimsIssuer = minterOptions.Issuer;
                bearer.TokenValidationParameters = tokenValidationParameters;

                // Do not keep the raw bearer token in the authentication properties after validation.
                bearer.SaveToken = false;
            });

            // Authorization: claim-based policies, registered here because this path is JWT-only
            // and therefore known to be claim-based.
            services.AddAuthorization(authz =>
            {
                authz.AddPolicy(
                    PolicyNames.UserAccess,
                    policy => policy.RequireClaim(ClaimNames.AccessType, AccessLevelValues.User));

                authz.AddPolicy(
                    PolicyNames.DaemonAccess,
                    policy => policy.RequireClaim(ClaimNames.AccessType, AccessLevelValues.Daemon));

                authz.AddPolicy(
                    PolicyNames.AnyAuthenticated,
                    policy => policy.RequireAuthenticatedUser());
            });
        }
Exemplo n.º 3
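 /// <summary>
 /// Creates a JWS minter that signs with HMAC-SHA256 using a symmetric key obtained from
 /// <c>_GenerateKey()</c> at construction time.
 /// </summary>
 /// <param name="options">Minter settings stored on <c>Options</c>; must not be null.</param>
 /// <exception cref="System.ArgumentNullException"><paramref name="options"/> is null.</exception>
 public JwsMinter(MinterOptions options)
 {
     // Reject null here so a misconfiguration surfaces at startup rather than on first use of Options.
     if (options == null)
     {
         throw new System.ArgumentNullException(nameof(options));
     }

     Options             = options;

     // The key is produced per instance, inside the constructor.
     // NOTE(review): _GenerateKey() is not shown. If it returns fresh random bytes, tokens will not
     // validate after a restart or on another instance. Confirm it draws from a cryptographic RNG
     // (e.g. RandomNumberGenerator) and yields at least 256 bits, the minimum RFC 7518 sets for HS256.
     _securityKey        = new SymmetricSecurityKey(_GenerateKey());
     _signingCredentials = new SigningCredentials(_securityKey, SecurityAlgorithms.HmacSha256);
 }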