/// <summary>
/// Configure downstream api authentication.
/// </summary>
/// <param name="services">Collection of app services.</param>
/// <param name="scheme">Scheme name for authentication.</param>
/// <param name="configuration">Configuration from which the options are loaded.</param>
/// <param name="configureOptions">Configuration.</param>
public static IServiceCollection AddApiJwtAuthentication(
this IServiceCollection services,
string scheme,
IConfiguration configuration,
Action <JwtBearerOptions> configureOptions = null)
{
ApiJwtAuthorizationOptions options = configuration.GetSection <ApiJwtAuthorizationOptions>();
services.AddAuthentication(scheme)
.AddJwtBearer(scheme, x =>
{
x.RequireHttpsMetadata = options.RequireHttpsMetadata;
x.SaveToken = false;
x.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(options.JwtSecret)),
ValidateIssuer = false,
ValidateAudience = false
};
configureOptions?.Invoke(x);
});
return(services);
}
/// <summary>
/// Configure downstream api authentication.
/// </summary>
/// <param name="services">Collection of app services.</param>
/// <param name="schemeNames">Scheme names for authentication.</param>
/// <param name="configuration">Configuration from which the options are loaded.</param>
/// <param name="configureOptions">Configuration.</param>
public static IServiceCollection AddApiJwtAuthentication(
this IServiceCollection services,
IEnumerable <string> schemeNames,
IConfiguration configuration,
Action <JwtBearerOptions> configureOptions = null)
{
ApiJwtAuthorizationOptions configuredOptionsList = configuration.GetSection <ApiJwtAuthorizationOptions>();
IEnumerable <ApiJwtAuthorizationScheme> schemeList = (from scheme in configuredOptionsList.Schemes
where schemeNames.Contains(scheme.SchemeName)
select scheme);
if (!schemeList.Any())
{
throw new ArgumentException("No valid schemes for Api JWT authentication", nameof(schemeNames));
}
AuthenticationBuilder builder;
if (schemeList.Count() == 1)
{
builder = services.AddAuthentication(schemeList.First().SchemeName);
}
else
{
builder = services.AddAuthentication();
}
foreach (var scheme in schemeList)
{
builder = builder.AddJwtBearer(scheme.SchemeName, x =>
{
x.RequireHttpsMetadata = scheme.RequireHttpsMetadata;
x.SaveToken = false;
x.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(scheme.JwtSecret)),
ValidateIssuer = false,
ValidateAudience = false
};
configureOptions?.Invoke(x);
});
}
return(services);
}
