public static CombinedAuthenticationOptions FromIdentityServerAuthenticationOptions(IdentityServerAuthenticationOptions options)
        {
            var combinedOptions = new CombinedAuthenticationOptions()
            {
                TokenRetriever       = options.TokenRetriever,
                AuthenticationScheme = options.AuthenticationScheme,

                PassThruOptions = new NopAuthenticationOptions()
                {
                    AuthenticationScheme  = options.AuthenticationScheme,
                    AutomaticAuthenticate = options.AutomaticAuthenticate,
                    AutomaticChallenge    = options.AutomaticChallenge
                }
            };

            switch (options.SupportedTokens)
            {
            case SupportedTokens.Jwt:
                combinedOptions.JwtBearerOptions = ConfigureJwt(options);
                break;

            case SupportedTokens.Reference:
                combinedOptions.IntrospectionOptions = ConfigureIntrospection(options);
                break;

            case SupportedTokens.Both:
                combinedOptions.JwtBearerOptions     = ConfigureJwt(options);
                combinedOptions.IntrospectionOptions = ConfigureIntrospection(options);
                break;

            default:
                throw new Exception("SupportedTokens has invalid value");
            }

            combinedOptions.ScopeValidationOptions = new ScopeValidationOptions
            {
                AllowedScopes = new string[] { }
            };

            if (options.ValidateScope)
            {
                var allowedScopes = new List <string>();

                if (options.AllowedScopes != null && options.AllowedScopes.Any())
                {
                    allowedScopes.AddRange(options.AllowedScopes);
                }

                if (allowedScopes.Any())
                {
                    combinedOptions.ScopeValidationOptions = new ScopeValidationOptions
                    {
                        AllowedScopes        = allowedScopes,
                        AuthenticationScheme = options.AuthenticationScheme
                    };
                }
            }

            return(combinedOptions);
        }
        public IdentityServerAuthenticationMiddleware(RequestDelegate next, IApplicationBuilder app, CombinedAuthenticationOptions options, ILogger <IdentityServerAuthenticationMiddleware> logger)
        {
            _options = options;
            _logger  = logger;

            // building pipeline for introspection middleware
            if (options.IntrospectionOptions != null)
            {
                var introspectionBuilder = app.New();
                introspectionBuilder.UseOAuth2IntrospectionAuthentication(options.IntrospectionOptions);
                introspectionBuilder.Run(ctx => next(ctx));
                _introspectionNext = introspectionBuilder.Build();
            }

            // building pipeline for JWT bearer middleware
            if (options.JwtBearerOptions != null)
            {
                var jwtBuilder = app.New();
                jwtBuilder.UseJwtBearerAuthentication(options.JwtBearerOptions);
                jwtBuilder.Run(ctx => next(ctx));
                _jwtNext = jwtBuilder.Build();
            }

            // building pipeline for no token
            var nopBuilder = app.New();

            nopBuilder.UseMiddleware <NopAuthenticationMiddleware>(Options.Create(options.PassThruOptions));
            nopBuilder.Run(ctx => next(ctx));
            _nopNext = nopBuilder.Build();
        }
        public IdentityServerAuthenticationMiddleware(RequestDelegate next, IApplicationBuilder app, CombinedAuthenticationOptions options, ILogger<IdentityServerAuthenticationMiddleware> logger)
        {
            _next = next;
            _options = options;
            _logger = logger;

            // building pipeline for introspection middleware
            if (options.IntrospectionOptions != null)
            {
                var introspectionBuilder = app.New();
                introspectionBuilder.UseOAuth2IntrospectionAuthentication(options.IntrospectionOptions);
                introspectionBuilder.Run(ctx => next(ctx));
                _introspectionNext = introspectionBuilder.Build();
            }

            // building pipeline for JWT bearer middleware
            if (options.JwtBearerOptions != null)
            {
                var jwtBuilder = app.New();
                jwtBuilder.UseJwtBearerAuthentication(options.JwtBearerOptions);
                jwtBuilder.Run(ctx => next(ctx));
                _jwtNext = jwtBuilder.Build();
            }

            // building pipeline for no token
            var nopBuilder = app.New();
            var nopOptions = new NopAuthenticationOptions
            {
                AuthenticationScheme = options.AuthenticationScheme
            };

            nopBuilder.UseMiddleware<NopAuthenticationMiddleware>(nopOptions);
            nopBuilder.Run(ctx => next(ctx));
            _nopNext = nopBuilder.Build();
        }
        public static IApplicationBuilder UseIdentityServerAuthentication(this IApplicationBuilder app, IdentityServerAuthenticationOptions options)
        {
            var combinedOptions = new CombinedAuthenticationOptions();
            combinedOptions.TokenRetriever = options.TokenRetriever;
            combinedOptions.AuthenticationScheme = options.AuthenticationScheme;
            
            switch (options.SupportedTokens)
            {
                case SupportedTokens.Jwt:
                    combinedOptions.JwtBearerOptions = ConfigureJwt(options);
                    break;
                case SupportedTokens.Reference:
                    combinedOptions.IntrospectionOptions = ConfigureIntrospection(options);
                    break;
                case SupportedTokens.Both:
                    combinedOptions.JwtBearerOptions = ConfigureJwt(options);
                    combinedOptions.IntrospectionOptions = ConfigureIntrospection(options);
                    break;
                default:
                    throw new Exception("SupportedTokens has invalid value");
            }

            app.UseMiddleware<IdentityServerAuthenticationMiddleware>(app, combinedOptions);

            var allowedScopes = new List<string>();
            if (!string.IsNullOrWhiteSpace(options.ScopeName))
            {
                allowedScopes.Add(options.ScopeName);
            }

            if (options.AdditionalScopes != null && options.AdditionalScopes.Any())
            {
                allowedScopes.AddRange(options.AdditionalScopes);
            }

            if (allowedScopes.Any())
            {
                var scopeOptions = new ScopeValidationOptions
                {
                    AllowedScopes = allowedScopes,
                    AuthenticationScheme = options.AuthenticationScheme
                };

                app.AllowScopes(scopeOptions);
            }

            return app;
        }
        public static CombinedAuthenticationOptions FromIdentityServerAuthenticationOptions(IdentityServerAuthenticationOptions options)
        {
            var combinedOptions = new CombinedAuthenticationOptions();

            combinedOptions.TokenRetriever       = options.TokenRetriever;
            combinedOptions.AuthenticationScheme = options.AuthenticationScheme;

            switch (options.SupportedTokens)
            {
            case SupportedTokens.Jwt:
                combinedOptions.JwtBearerOptions = ConfigureJwt(options);
                break;

            case SupportedTokens.Reference:
                combinedOptions.IntrospectionOptions = ConfigureIntrospection(options);
                break;

            case SupportedTokens.Both:
                combinedOptions.JwtBearerOptions     = ConfigureJwt(options);
                combinedOptions.IntrospectionOptions = ConfigureIntrospection(options);
                break;

            default:
                throw new Exception("SupportedTokens has invalid value");
            }

            if (options.ValidateScope)
            {
                var allowedScopes = new List <string>();
                if (!string.IsNullOrWhiteSpace(options.ScopeName))
                {
                    allowedScopes.Add(options.ScopeName);
                }

                if (options.AdditionalScopes != null && options.AdditionalScopes.Any())
                {
                    allowedScopes.AddRange(options.AdditionalScopes);
                }

                if (allowedScopes.Any())
                {
                    var scopeOptions = new ScopeValidationOptions
                    {
                        AllowedScopes        = allowedScopes,
                        AuthenticationScheme = options.AuthenticationScheme
                    };

                    combinedOptions.ScopeValidationOptions = scopeOptions;
                }
                else
                {
                    var scopeOptions = new ScopeValidationOptions
                    {
                        AllowedScopes = new string[] { }
                    };

                    combinedOptions.ScopeValidationOptions = scopeOptions;
                }
            }

            return(combinedOptions);
        }