/// <summary>
/// Registers the <see cref="AadAuthenticationOptions"/> callback and the options configurators for
/// JWT bearer and OpenID Connect, then adds both handlers without an explicit scheme name.
/// </summary>
/// <param name="builder">The authentication builder being extended.</param>
/// <param name="configureOptions">Callback that fills in the <see cref="AadAuthenticationOptions"/>.</param>
/// <returns>The same <paramref name="builder"/>, so calls can be chained.</returns>
public static AuthenticationBuilder AddAzureAd(this AuthenticationBuilder builder, Action<AadAuthenticationOptions> configureOptions)
{
    // No audience, authority or issuer is set in this method. Token validation settings are left to
    // ConfigureAzureOptions and ConfigureOpenIdConnecteOptions, which are defined elsewhere.
    // NOTE(review): the handlers resolve their options by scheme name, so these configurators
    // presumably implement IConfigureNamedOptions<T>; confirm, otherwise their settings would
    // not reach the handlers.
    builder.Services
        .Configure(configureOptions)
        .AddSingleton<IConfigureOptions<JwtBearerOptions>, ConfigureAzureOptions>()
        .AddSingleton<IConfigureOptions<OpenIdConnectOptions>, ConfigureOpenIdConnecteOptions>();

    builder.AddOpenIdConnect();
    builder.AddJwtBearer();

    return builder;
}
/// <summary>
/// Adds a JWT bearer handler under the <c>AuthenticationBearers.AzureAD</c> scheme, with audience,
/// authority and accepted issuer taken from the <c>AzureAd</c> configuration section.
/// </summary>
/// <param name="builder">The authentication builder being extended.</param>
/// <param name="configuration">Configuration holding <c>AzureAd:Instance</c>, <c>AzureAd:TenantId</c>
/// and <c>AzureAd:ClientId</c>.</param>
/// <returns>The same <paramref name="builder"/>, so calls can be chained.</returns>
public static AuthenticationBuilder AddAzureAdBearer(this AuthenticationBuilder builder, IConfiguration configuration)
{
    builder.AddJwtBearer(AuthenticationBearers.AzureAD, jwt =>
    {
        // Instance and TenantId are joined with no separator, so Instance is expected to end with '/'.
        // A missing key interpolates as an empty string: the authority would then be empty and the
        // only listed issuer would be "/v2.0", with no error raised here. Validate these keys at startup.
        var tenantAuthority = $"{configuration["AzureAd:Instance"]}{configuration["AzureAd:TenantId"]}";

        // Tokens must name this application's client id as their audience.
        jwt.Audience = configuration["AzureAd:ClientId"];

        jwt.TokenValidationParameters.ValidIssuers = new List<string>
        {
            // Issuer validation for MSAL v2: the authority itself carries no "/v2.0" suffix.
            $"{tenantAuthority}/v2.0",
        };

        jwt.Authority = tenantAuthority;
    });

    return builder;
}
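/// <summary>
/// Adds JWT bearer authentication for Azure AD and sets the validation options for the JWT token.
/// </summary>
/// <param name="builder">The authentication builder being extended.</param>
/// <param name="configureOptions">Callback that fills in the <see cref="AzureAdOptions"/>.</param>
/// <returns>The same <paramref name="builder"/>, so calls can be chained.</returns>
public static AuthenticationBuilder AddAzureAdBearer(this AuthenticationBuilder builder, Action<AzureAdOptions> configureOptions)
{
    builder.Services.Configure(configureOptions);
    builder.Services.AddSingleton<IConfigureOptions<JwtBearerOptions>, ConfigureAzureOptions>();

    builder.AddJwtBearer(cfg =>
    {
        // Was `false`. The discovery document and signing keys decide which tokens are trusted, so
        // they must not be fetched over plain HTTP. Azure AD metadata endpoints are HTTPS, so
        // requiring it costs nothing here. Disable only in a local development setup, never in
        // shipped code.
        cfg.RequireHttpsMetadata = true;

        // Keeps the raw token available to downstream code after authentication succeeds.
        cfg.SaveToken = true;

        // NOTE(review): the audience is a hard-coded application id, so the AzureAdOptions registered
        // above do not influence it. If ConfigureAzureOptions also sets an audience, this assignment
        // presumably overrides it; confirm, and prefer reading the value from configuration.
        cfg.Audience = "e3f598bd-da8d-4a97-86d0-7e903b4d09c3";

        // This assigns a new TokenValidationParameters instance, so any validation parameters set on
        // the previous instance (valid issuers, signing keys, validators) are discarded.
        // No authority or valid issuer is set in this method.
        // NOTE(review): ValidateIssuer = true needs an issuer source; presumably ConfigureAzureOptions
        // sets cfg.Authority. Confirm.
        cfg.TokenValidationParameters = new IdentityModel.Tokens.TokenValidationParameters()
        {
            ValidateAudience = true,
            ValidateIssuer = true,
            ValidateLifetime = true,
        };
    });

    return builder;
}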
/// <summary>
/// Registers JWT Bearer authentication for Azure Active Directory applications behind a virtual
/// policy scheme that forwards to an underlying JWT Bearer scheme.
/// </summary>
/// <param name="builder">The <see cref="AuthenticationBuilder"/>.</param>
/// <param name="scheme">The identifier for the virtual scheme.</param>
/// <param name="jwtBearerScheme">The identifier for the underlying JWT Bearer scheme.</param>
/// <param name="configureOptions">The <see cref="Action{AzureADOptions}"/> used to configure the
/// <see cref="AzureADOptions"/> registered under <paramref name="scheme"/>.</param>
/// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
public static AuthenticationBuilder AddAzureADBearer(
    this AuthenticationBuilder builder,
    string scheme,
    string jwtBearerScheme,
    Action<AzureADOptions> configureOptions)
{
    var services = builder.Services;

    // The virtual scheme does no authentication itself; by default it hands everything to the
    // underlying JWT Bearer scheme.
    builder.AddPolicyScheme(scheme, displayName: null, configureOptions: policy => policy.ForwardDefault = jwtBearerScheme);

    // Registration order is kept as in the original: scheme mapping first, then the options
    // configurators (TryAdd leaves an existing registration in place), then the caller's callback.
    services.Configure(TryAddJwtBearerSchemeMapping(scheme, jwtBearerScheme));
    services.TryAddSingleton<IConfigureOptions<AzureADOptions>, AzureADOptionsConfiguration>();
    services.TryAddSingleton<IConfigureOptions<JwtBearerOptions>, JwtBearerOptionsConfiguration>();
    services.Configure(scheme, configureOptions);

    // The handler is added with an empty callback: no audience, authority or issuer is set here.
    // NOTE(review): these are presumably supplied by JwtBearerOptionsConfiguration from the mapped
    // AzureADOptions; confirm against that class.
    builder.AddJwtBearer(jwtBearerScheme, _ => { });

    return builder;
}
/// <summary>
/// Adds two JWT bearer handlers: one for Azure AD under <c>AuthenticationBearers.AzureAD</c> and one
/// for Azure AD B2C under <c>AuthenticationBearers.AzureB2C</c>, each configured from its own
/// configuration section.
/// </summary>
/// <param name="builder">The authentication builder being extended.</param>
/// <param name="configuration">Configuration holding the <c>AzureAd</c> and <c>AzureAdB2CWeb</c> sections.</param>
/// <returns>The same <paramref name="builder"/>, so calls can be chained.</returns>
public static AuthenticationBuilder AddAzureAdAndB2CBearer(this AuthenticationBuilder builder, IConfiguration configuration)
{
    builder
        .AddJwtBearer(AuthenticationBearers.AzureAD, aad =>
        {
            // Instance and TenantId are joined with no separator, so AzureAd:Instance is expected to
            // end with '/'. A missing key interpolates as an empty string and raises no error here.
            var tenantAuthority = $"{configuration["AzureAd:Instance"]}{configuration["AzureAd:TenantId"]}";

            aad.Audience = configuration["AzureAd:ClientId"];
            aad.TokenValidationParameters.ValidIssuers = new List<string>
            {
                // Issuer validation for MSAL v2: the authority itself carries no "/v2.0" suffix.
                $"{tenantAuthority}/v2.0",
            };
            aad.Authority = tenantAuthority;

            // NOTE(review): OnMessageReceived is defined outside this block. If it takes the token
            // from anywhere other than the Authorization header, check that source is not logged.
            aad.Events = new JwtBearerEvents { OnMessageReceived = OnMessageReceived };
        })
        .AddJwtBearer(AuthenticationBearers.AzureB2C, b2c =>
        {
            b2c.Audience = configuration["AzureAdB2CWeb:ClientId"];

            // Unlike the Azure AD authority above, the parts here are joined with '/', so
            // AzureAdB2CWeb:Instance is expected to have no trailing slash. This handler sets no
            // explicit issuer list and no events.
            b2c.Authority = $"{configuration["AzureAdB2CWeb:Instance"]}/{configuration["AzureAdB2CWeb:Domain"]}/{configuration["AzureAdB2CWeb:SignUpSignInPolicyId"]}/v2.0";
        });

    return builder;
}