Пример #1
        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
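        /// <summary>
        /// Builds the HTTP request pipeline: logging, CORS, JWT bearer validation,
        /// Swagger, the "/token" issuing endpoint and MVC, in that order.
        /// </summary>
        /// <param name="app">Application builder the middleware is registered on.</param>
        /// <param name="env">Hosting environment (not read by this method).</param>
        /// <param name="loggerFactory">Factory that receives the console and debug providers.</param>
        public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
        {
            loggerFactory.AddConsole(Configuration.GetSection("Logging"));
            loggerFactory.AddDebug();

            // The same symmetric key both signs tokens (the "/token" endpoint below) and
            // validates them, so anyone who learns it can mint tokens for any user.
            // secretKey is defined outside this method.
            // NOTE(review): confirm it comes from protected configuration and is a long random value.
            // Encoding.ASCII replaces every non-ASCII character with '?', which weakens such a secret.
            var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(secretKey));

            // NOTE(review): this policy lets script on any web origin call the API with any
            // header and method. Restrict it to the known front-end origins unless the API
            // is intentionally public.
            app.UseCors(builder =>
                        builder.AllowAnyOrigin()
                        .AllowAnyHeader()
                        .AllowAnyMethod()
                        );

            var tokenValidationParameters = new TokenValidationParameters
            {
                // The signing key must match!
                ValidateIssuerSigningKey = true,
                IssuerSigningKey         = signingKey,

                // Validate the JWT Issuer (iss) claim
                ValidateIssuer = true,
                ValidIssuer    = Configuration["ValidIssuer"],

                // Validate the JWT Audience (aud) claim
                ValidateAudience = true,
                ValidAudience    = Configuration["ValidAudience"],

                // Validate the token expiry
                ValidateLifetime = true,

                // No tolerance for clock drift: a token is rejected the moment it expires.
                ClockSkew = TimeSpan.Zero,
            };

            MolecularJwtTokenHandler jwtHandler    = new MolecularJwtTokenHandler();
            JwtBearerOptions         bearerOptions = new JwtBearerOptions
            {
                AutomaticAuthenticate     = true,
                AutomaticChallenge        = true,
                TokenValidationParameters = tokenValidationParameters,
                Authority            = Configuration["domain"],
                // NOTE(review): false permits a non-HTTPS authority/metadata address.
                // Keep this for local development only and enable it in production.
                RequireHttpsMetadata = false,
                Audience             = Configuration["ValidAudience"],
                Configuration        = new OpenIdConnectConfiguration
                {
                    Issuer = Configuration["ValidIssuer"],
                },

                Events = new JwtBearerEvents
                {
                    // No-op: authentication failures are not recorded by this handler.
                    OnAuthenticationFailed = context =>
                    {
                        return(Task.FromResult(0));
                    },
                    OnMessageReceived = context =>
                    {
                        return(Task.FromResult(0));
                    },
                    OnTokenValidated = context =>
                    {
                        // Debug output: writes the authenticated user name to stdout for
                        // every validated token.
                        // NOTE(review): route through the configured logger or remove
                        // before production so identities do not leak into console capture.
                        Console.Write(context.Ticket.Principal.Identity.Name);
                        return(Task.FromResult(0));
                    },
                    OnChallenge = context =>
                    {
                        return(Task.FromResult(0));
                    }
                }
            };

            // Replace the validator at index 0 with the project's handler, so token
            // validation depends entirely on MolecularJwtTokenHandler (not shown here).
            // NOTE(review): confirm it still enforces the signature, issuer, audience and
            // lifetime checks configured above.
            bearerOptions.SecurityTokenValidators.RemoveAt(0);
            bearerOptions.SecurityTokenValidators.Add(jwtHandler);

            app.UseJwtBearerAuthentication(bearerOptions);

            // NOTE(review): Swagger and its UI are registered unconditionally. Confirm the
            // API description is meant to be reachable in production.
            app.UseSwagger();
            app.UseSwaggerUi();


            app.UseSimpleTokenProvider(new TokenProviderOptions
            {
                Path               = "/token",
                Audience           = Configuration["ValidAudience"],
                Issuer             = Configuration["ValidIssuer"],
                SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256),
                IdentityResolver   = app.ApplicationServices.GetService <IdentityResolver>().CheckUserLogin,
                // Fixed: DateTime.Now.AddDays(7).TimeOfDay is only the time elapsed since
                // midnight (always under 24 hours, near zero just after midnight), so the
                // intended seven-day lifetime was never applied.
                // NOTE(review): seven days is long for a bearer token that cannot be
                // revoked. Confirm this lifetime is intended.
                Expiration         = TimeSpan.FromDays(7)
            });

            app.UseMvc();
        }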
Пример #2
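        /// <summary>
        /// Registers JWT bearer authentication on the pipeline, validating tokens with
        /// <c>MolecularJwtTokenHandler</c> and attaching the cached user to the validated identity.
        /// </summary>
        /// <param name="app">Application builder the middleware is added to.</param>
        /// <returns>The same <paramref name="app"/>, so calls can be chained.</returns>
        /// <exception cref="InvalidOperationException">
        /// Thrown when no <c>IConfiguration</c> service is registered.
        /// </exception>
        public static IApplicationBuilder UseJwtAuthentication(this IApplicationBuilder app)
        {
            var configuration = (IConfiguration)app.ApplicationServices.GetService(typeof(IConfiguration));
            if (configuration == null)
            {
                // GetService returns null for an unregistered service; fail at startup with
                // a clear message instead of a NullReferenceException on the first lookup.
                throw new InvalidOperationException("IConfiguration is not registered; JWT authentication cannot be configured.");
            }

            MolecularJwtTokenHandler jwtHandler = new MolecularJwtTokenHandler();

            var tokenValidationParameters = new TokenValidationParameters
            {
                // The signing key must match! SigningKey is defined outside this method.
                ValidateIssuerSigningKey = true,
                IssuerSigningKey         = SigningKey,

                // Validate the JWT Issuer (iss) claim
                ValidateIssuer = true,
                ValidIssuer    = configuration["ValidIssuer"],

                // Validate the JWT Audience (aud) claim
                ValidateAudience = true,
                ValidAudience    = configuration["ValidAudience"],

                // Validate the token expiry
                ValidateLifetime = true,

                // No tolerance for clock drift: a token is rejected the moment it expires.
                ClockSkew = TimeSpan.Zero,
            };

            JwtBearerOptions bearerOptions = new JwtBearerOptions
            {
                AutomaticAuthenticate     = true,
                AutomaticChallenge        = true,
                TokenValidationParameters = tokenValidationParameters,
                Authority            = configuration["domain"],
                // NOTE(review): false permits a non-HTTPS authority/metadata address.
                // Keep this for local development only and enable it in production.
                RequireHttpsMetadata = false,
                Audience             = configuration["ValidAudience"],
                Configuration        = new OpenIdConnectConfiguration
                {
                    Issuer = configuration["ValidIssuer"],
                },

                Events = new JwtBearerEvents
                {
                    // No-op: authentication failures are not recorded by this handler.
                    OnAuthenticationFailed = context =>
                    {
                        return(Task.FromResult(0));
                    },
                    OnMessageReceived = context =>
                    {
                        return(Task.FromResult(0));
                    },
                    OnTokenValidated = context =>
                    {
                        var identity = context.Ticket.Principal.Identity as MolecularIdentity;
                        if (identity == null)
                        {
                            // The 'as' cast yields null for any other identity type. Reject
                            // explicitly rather than fail later with a NullReferenceException,
                            // so a principal of an unexpected type is never accepted.
                            throw new InvalidOperationException("Validated token did not produce a MolecularIdentity.");
                        }

                        var idClaim = identity.Claims.FirstOrDefault(i => i.Type == "Id");
                        if (idClaim != null)
                        {
                            // Resolved from the application-level provider, not the request's.
                            // NOTE(review): confirm UserCacheService is registered as a singleton.
                            var cacheService = app.ApplicationServices.GetRequiredService <UserCacheService <IdentityUser> >();

                            // NOTE(review): whatever Get returns is assigned as-is. If a cache
                            // miss returns null, confirm downstream authorization treats a
                            // missing User as unauthenticated.
                            identity.User = cacheService.Get(idClaim.Value);
                        }

                        // Debug output: writes the authenticated user name to stdout for
                        // every validated token.
                        // NOTE(review): route through a logger or remove before production.
                        Console.Write(context.Ticket.Principal.Identity.Name);
                        return(Task.FromResult(0));
                    },
                    OnChallenge = context =>
                    {
                        return(Task.FromResult(0));
                    }
                }
            };

            // Replace the validator at index 0 with the project's handler, so token
            // validation depends entirely on MolecularJwtTokenHandler (not shown here).
            // NOTE(review): confirm it still enforces the signature, issuer, audience and
            // lifetime checks configured above.
            bearerOptions.SecurityTokenValidators.RemoveAt(0);
            bearerOptions.SecurityTokenValidators.Add(jwtHandler);

            app.UseJwtBearerAuthentication(bearerOptions);

            return(app);
        }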