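// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
// Order matters: CORS, then JWT bearer authentication (with the project's own token validator),
// then Swagger, the /token issuing endpoint, and finally MVC.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
    loggerFactory.AddConsole(Configuration.GetSection("Logging"));
    loggerFactory.AddDebug();

    // Symmetric HMAC key used both to sign tokens issued at /token and to validate incoming bearer tokens.
    // The key material is the raw ASCII bytes of secretKey, so its strength is bounded by the secret's
    // length; HS256 expects at least 32 bytes of key.
    var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(secretKey));

    // NOTE(review): fully open CORS policy (any origin, header and method) — confirm this is intended
    // outside development.
    app.UseCors(builder => builder.AllowAnyOrigin()
                                  .AllowAnyHeader()
                                  .AllowAnyMethod());

    var tokenValidationParameters = new TokenValidationParameters
    {
        // The signing key must match!
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = signingKey,
        // Validate the JWT Issuer (iss) claim
        ValidateIssuer = true,
        ValidIssuer = Configuration["ValidIssuer"],
        // Validate the JWT Audience (aud) claim
        ValidateAudience = true,
        ValidAudience = Configuration["ValidAudience"],
        // Validate the token expiry
        ValidateLifetime = true,
        // If you want to allow a certain amount of clock drift, set that here:
        ClockSkew = TimeSpan.Zero,
    };

    MolecularJwtTokenHandler jwtHandler = new MolecularJwtTokenHandler();
    JwtBearerOptions bearerOptions = new JwtBearerOptions
    {
        AutomaticAuthenticate = true,
        AutomaticChallenge = true,
        TokenValidationParameters = tokenValidationParameters,
        Authority = Configuration["domain"],
        // NOTE(review): permits the authority metadata to be fetched over plain HTTP — confirm this is
        // intended outside development.
        RequireHttpsMetadata = false,
        Audience = Configuration["ValidAudience"],
        Configuration = new OpenIdConnectConfiguration
        {
            Issuer = Configuration["ValidIssuer"],
        },
        Events = new JwtBearerEvents
        {
            // All handlers simply complete; the middleware's default outcome for each event is kept.
            OnAuthenticationFailed = context => Task.FromResult(0),
            OnMessageReceived = context => Task.FromResult(0),
            OnTokenValidated = context =>
            {
                // Debug trace only; note that this writes the authenticated user's name to stdout.
                Console.Write(context.Ticket.Principal.Identity.Name);
                return Task.FromResult(0);
            },
            OnChallenge = context => Task.FromResult(0)
        }
    };

    // Replace the default security token validator with the project's handler so every
    // bearer token is validated by MolecularJwtTokenHandler only.
    bearerOptions.SecurityTokenValidators.RemoveAt(0);
    bearerOptions.SecurityTokenValidators.Add(jwtHandler);
    app.UseJwtBearerAuthentication(bearerOptions);

    app.UseSwagger();
    app.UseSwaggerUi();

    app.UseSimpleTokenProvider(new TokenProviderOptions
    {
        Path = "/token",
        Audience = Configuration["ValidAudience"],
        Issuer = Configuration["ValidIssuer"],
        SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256),
        IdentityResolver = app.ApplicationServices.GetService<IdentityResolver>().CheckUserLogin,
        // Token lifetime. The previous value, DateTime.Now.AddDays(7).TimeOfDay, was the clock time
        // of day seven days from now (a span between 0 and 24 h that depended on when the process
        // started), not a seven-day lifetime.
        Expiration = TimeSpan.FromDays(7)
    });

    app.UseMvc();
}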
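/// <summary>
/// Registers JWT bearer authentication on the pipeline. Tokens are validated with the static
/// <c>SigningKey</c> and the <c>ValidIssuer</c>/<c>ValidAudience</c> settings read from the
/// registered <see cref="IConfiguration"/>, using the project's <c>MolecularJwtTokenHandler</c>
/// in place of the default validator. On successful validation the cached user matching the
/// token's "Id" claim is attached to the <c>MolecularIdentity</c>.
/// </summary>
/// <param name="app">The application builder to extend.</param>
/// <returns><paramref name="app"/>, to allow chaining.</returns>
/// <exception cref="InvalidOperationException">
/// No <see cref="IConfiguration"/> is registered in the application services.
/// </exception>
public static IApplicationBuilder UseJwtAuthentication(this IApplicationBuilder app)
{
    var configuration = (IConfiguration)app.ApplicationServices.GetService(typeof(IConfiguration));
    if (configuration == null)
    {
        // Fail with a clear message rather than a NullReferenceException on the first indexer access.
        throw new InvalidOperationException("IConfiguration is not registered in the application services.");
    }

    MolecularJwtTokenHandler jwtHandler = new MolecularJwtTokenHandler();

    var tokenValidationParameters = new TokenValidationParameters
    {
        // The signing key must match!
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = SigningKey,
        // Validate the JWT Issuer (iss) claim
        ValidateIssuer = true,
        ValidIssuer = configuration["ValidIssuer"],
        // Validate the JWT Audience (aud) claim
        ValidateAudience = true,
        ValidAudience = configuration["ValidAudience"],
        // Validate the token expiry
        ValidateLifetime = true,
        // If you want to allow a certain amount of clock drift, set that here:
        ClockSkew = TimeSpan.Zero,
    };

    JwtBearerOptions bearerOptions = new JwtBearerOptions
    {
        AutomaticAuthenticate = true,
        AutomaticChallenge = true,
        TokenValidationParameters = tokenValidationParameters,
        Authority = configuration["domain"],
        // NOTE(review): permits the authority metadata to be fetched over plain HTTP — confirm this is
        // intended outside development.
        RequireHttpsMetadata = false,
        Audience = configuration["ValidAudience"],
        Configuration = new OpenIdConnectConfiguration
        {
            Issuer = configuration["ValidIssuer"],
        },
        Events = new JwtBearerEvents
        {
            // These handlers simply complete; the middleware's default outcome for each event is kept.
            OnAuthenticationFailed = context => Task.FromResult(0),
            OnMessageReceived = context => Task.FromResult(0),
            OnTokenValidated = context =>
            {
                // The principal produced by the validator is not necessarily a MolecularIdentity;
                // the previous code dereferenced the `as` result unconditionally and would have
                // thrown for any other identity type. Without an "Id" claim no user is attached.
                var identity = context.Ticket.Principal.Identity as MolecularIdentity;
                if (identity != null)
                {
                    var idClaim = identity.Claims.FirstOrDefault(i => i.Type == "Id");
                    if (idClaim != null)
                    {
                        var cacheService = app.ApplicationServices.GetService<UserCacheService<IdentityUser>>();
                        if (cacheService == null)
                        {
                            // A missing cache service is a wiring error; surface it explicitly.
                            throw new InvalidOperationException("UserCacheService<IdentityUser> is not registered in the application services.");
                        }
                        identity.User = cacheService.Get(idClaim.Value);
                    }
                }

                // Debug trace only; note that this writes the authenticated user's name to stdout.
                Console.Write(context.Ticket.Principal.Identity.Name);
                return Task.FromResult(0);
            },
            OnChallenge = context => Task.FromResult(0)
        }
    };

    // Replace the default security token validator with the project's handler so every
    // bearer token is validated by MolecularJwtTokenHandler only.
    bearerOptions.SecurityTokenValidators.RemoveAt(0);
    bearerOptions.SecurityTokenValidators.Add(jwtHandler);
    app.UseJwtBearerAuthentication(bearerOptions);

    return app;
}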