Exemplo n.º 1
 /// <summary>
 /// Registers JWT bearer authentication as the default scheme, binds the
 /// "Authentication" configuration section and adds the scope claims transformation.
 /// </summary>
 /// <param name="services">Service collection that receives the registrations.</param>
 /// <param name="authenticationOptions">Supplies the Authority and ClientId copied onto the JWT bearer options.</param>
 private void AddAuthentication(IServiceCollection services, AuthenticationOptions authenticationOptions)
 {
     // Make the "Authentication" section available through the options pattern.
     var authenticationSection = Configuration.GetSection("Authentication");
     services.Configure<AuthenticationOptions>(authenticationSection);

     // JWT bearer is the default scheme for authenticate and challenge.
     var authenticationBuilder = services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme);
     authenticationBuilder.AddJwtBearer(jwtOptions =>
     {
         // Authority: the token service the handler contacts for OpenID Connect metadata.
         // Audience: the single audience value accepted in incoming tokens (here the API's client id).
         // Only these two settings are assigned; every other validation setting keeps its default.
         // NOTE(review): neither value is checked for null/empty in this method - confirm the
         // configuration is validated before startup so a missing setting fails loudly.
         jwtOptions.Authority = authenticationOptions.Authority;
         jwtOptions.Audience  = authenticationOptions.ClientId;
     });

     // One shared instance of the transformation is registered for the whole application.
     // Presumably it splits a combined scope claim into separate claims - confirm in ScopeClaimSplitTransformation.
     services.AddSingleton<IClaimsTransformation, ScopeClaimSplitTransformation>();
 }
Exemplo n.º 2
        /// <summary>
        /// Registers Swagger document generation for the API and describes its OAuth 2
        /// protection so that the Swagger UI can request tokens for the delegated permissions.
        /// </summary>
        /// <param name="services">Service collection that receives the Swagger generator registration.</param>
        /// <param name="authenticationOptions">Supplies the authorization endpoint URL and the application ID URI used to build scope names.</param>
        private static void AddSwagger(IServiceCollection services, AuthenticationOptions authenticationOptions)
        {
            services.AddSwaggerGen(swaggerOptions =>
            {
                // Basic metadata of the generated document
                var apiInfo = new OpenApiInfo
                {
                    Title   = "Produtos API",
                    Version = "1.0"
                };
                swaggerOptions.SwaggerDoc("v1", apiInfo);

                // Only the implicit flow is declared, although the UI also supports authorization code,
                // client credentials and password grants:
                //  - authorization code is skipped because it was considered to need a client secret,
                //    which would drag secret management into this sample;
                //  - client credentials could work, but not while the UI client id == API client id;
                //    it would need a separate registration with app permissions, and a secret as well;
                //  - the password grant is skipped because it should not be used.
                // NOTE(review): implicit flow hands the access token back through the browser URL and is
                // discouraged by current OAuth 2.0 security guidance. Authorization code with PKCE lets a
                // public client such as the Swagger UI work without a client secret - consider revisiting.
                var implicitFlow = new OpenApiOAuthFlow
                {
                    AuthorizationUrl = new Uri(authenticationOptions.AuthorizationUrl),
                    // Key: "<ApplicationIdUri>/<permission>"; value: the permission entry itself.
                    Scopes           = DelegatedPermissions.All.ToDictionary(permission => $"{authenticationOptions.ApplicationIdUri}/{permission}")
                };

                // Declare that the API is protected by OAuth 2 tokens
                var oauthScheme = new OpenApiSecurityScheme
                {
                    Type  = SecuritySchemeType.OAuth2,
                    Flows = new OpenApiOAuthFlows
                    {
                        Implicit = implicitFlow
                    }
                };
                swaggerOptions.AddSecurityDefinition("aad-jwt", oauthScheme);

                // Attach security requirements to operations according to their [Authorize] attributes
                swaggerOptions.OperationFilter<OAuthSecurityRequirementOperationFilter>();

                // Include XML comments to documentation
                //string xmlDocFilePath = Path.Combine(PlatformServices.Default.Application.ApplicationBasePath, "Joonasw.AadTestingDemo.API.xml");
                //o.IncludeXmlComments(xmlDocFilePath);
            });
        }