private static AuthenticationHandler GetDefaultAuthenticationHandler() { var authConfig = new AuthenticationConfiguration(); #region Basic Authentication authConfig.AddBasicAuthentication((userName, password) => { return userName == password; }); #endregion //#region SWT //authConfig.Handler.AddSimpleWebToken( // "SWT", // Constants.Issuer, // Constants.Realm, // "Dc9Mpi3jbooUpBQpB/4R7XtUsa3D/ALSjTVvK8IUZbg="); //#endregion #region SAML2 tokens var registry = new ConfigurationBasedIssuerNameRegistry(); registry.AddTrustedIssuer("D263DDCF598E716F0037380796A4A62DF017ADB8", "TEST"); var saml2Config = new SecurityTokenHandlerConfiguration(); saml2Config.AudienceRestriction.AllowedAudienceUris.Add(new Uri("https://test")); saml2Config.IssuerNameRegistry = registry; saml2Config.CertificateValidator = X509CertificateValidator.None; authConfig.AddSaml2(saml2Config, AuthenticationOptions.ForAuthorizationHeader("Saml2")); #endregion var authHandler = new AuthenticationHandler(authConfig); return authHandler; }
public static void AddSaml2(this AuthenticationConfiguration configuration, string issuerThumbprint, string issuerName, string audienceUri, X509CertificateValidator certificateValidator, AuthenticationOptions options, AuthenticationScheme scheme) { var registry = new ConfigurationBasedIssuerNameRegistry(); registry.AddTrustedIssuer(issuerThumbprint, issuerName); var handlerConfig = new SecurityTokenHandlerConfiguration(); handlerConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri(audienceUri)); handlerConfig.IssuerNameRegistry = registry; handlerConfig.CertificateValidator = certificateValidator; configuration.AddSaml2(handlerConfig, options, scheme); }
private static AuthenticationConfiguration CreateAuthenticationConfiguration() { var authentication = new AuthenticationConfiguration { ClaimsAuthenticationManager = new ClaimsTransformer(), RequireSsl = false, EnableSessionToken = true }; #region Basic Authentication authentication.AddBasicAuthentication(UserCredentials.Validate); #endregion #region IdentityServer JWT //authentication.AddJsonWebToken( // issuer: Constants.IdSrv.IssuerUri, // audience: Constants.Audience, // signingKey: Constants.IdSrv.SigningKey); authentication.AddMsftJsonWebToken( issuer: Constants.IdSrv.IssuerUri, audience: Constants.Audience, signingKey: Constants.IdSrv.SigningKey); #endregion #region Access Control Service JWT authentication.AddJsonWebToken( issuer: Constants.ACS.IssuerUri, audience: Constants.Audience, signingKey: Constants.ACS.SigningKey, scheme: Constants.ACS.Scheme); #endregion #region IdentityServer SAML authentication.AddSaml2( issuerThumbprint: Constants.IdSrv.SigningCertThumbprint, issuerName: Constants.IdSrv.IssuerUri, audienceUri: Constants.Realm, certificateValidator: X509CertificateValidator.None, options: AuthenticationOptions.ForAuthorizationHeader(Constants.IdSrv.SamlScheme), scheme: AuthenticationScheme.SchemeOnly(Constants.IdSrv.SamlScheme)); #endregion #region Client Certificates authentication.AddClientCertificate(ClientCertificateMode.ChainValidation); #endregion return authentication; }
private static AuthenticationConfiguration CreateAuthenticationConfiguration() { var authentication = new AuthenticationConfiguration { ClaimsAuthenticationManager = new ClaimsTransformer(), RequireSsl = false, EnableSessionToken = true }; #region Basic Authentication authentication.AddBasicAuthentication((username, password) => UserCredentials.Validate(username, password)); #endregion #region IdentityServer JWT authentication.AddJsonWebToken( Constants.IdSrv.IssuerUri, Constants.Audience, Constants.IdSrv.SigningKey); #endregion #region Access Control Service JWT authentication.AddJsonWebToken( Constants.ACS.IssuerUri, Constants.Audience, Constants.ACS.SigningKey, AuthenticationOptions.ForAuthorizationHeader(Constants.ACS.Scheme)); #endregion #region #IdentityServer SAML authentication.AddSaml2( issuerThumbprint: Constants.IdSrv.SigningCertThumbprint, issuerName: Constants.IdSrv.IssuerUri, audienceUri: Constants.Realm, certificateValidator: X509CertificateValidator.None, options: AuthenticationOptions.ForAuthorizationHeader(Constants.IdSrv.SamlScheme)); #endregion return authentication; }
public static AuthenticationConfiguration CreateConfiguration() { var config = new AuthenticationConfiguration { DefaultAuthenticationScheme = "Basic", EnableSessionToken = true }; #region BasicAuthentication config.AddBasicAuthentication((userName, password) => userName == password, retainPassword: false); #endregion #region SimpleWebToken config.AddSimpleWebToken( issuer: "http://identity.thinktecture.com/trust", audience: Constants.Realm, signingKey: Constants.IdSrvSymmetricSigningKey, options: AuthenticationOptions.ForAuthorizationHeader("IdSrv")); #endregion #region JsonWebToken config.AddJsonWebToken( issuer: "http://selfissued.test", audience: Constants.Realm, signingKey: Constants.IdSrvSymmetricSigningKey, options: AuthenticationOptions.ForAuthorizationHeader("JWT")); #endregion #region IdentityServer SAML var idsrvRegistry = new ConfigurationBasedIssuerNameRegistry(); idsrvRegistry.AddTrustedIssuer("A1EED7897E55388FCE60FEF1A1EED81FF1CBAEC6", "Thinktecture IdSrv"); var idsrvConfig = new SecurityTokenHandlerConfiguration(); idsrvConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri(Constants.Realm)); idsrvConfig.IssuerNameRegistry = idsrvRegistry; idsrvConfig.CertificateValidator = X509CertificateValidator.None; config.AddSaml2(idsrvConfig, AuthenticationOptions.ForAuthorizationHeader("IdSrvSaml")); #endregion #region ADFS SAML var adfsRegistry = new ConfigurationBasedIssuerNameRegistry(); adfsRegistry.AddTrustedIssuer("8EC7F962CC083FF7C5997D8A4D5ED64B12E4C174", "ADFS"); adfsRegistry.AddTrustedIssuer("b6 93 46 34 7f 70 a9 c3 72 02 18 ae f1 82 2a 5c 97 b1 8c a5", "PETS ADFS"); var adfsConfig = new SecurityTokenHandlerConfiguration(); adfsConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri(Constants.Realm)); adfsConfig.IssuerNameRegistry = adfsRegistry; adfsConfig.CertificateValidator = X509CertificateValidator.None; config.AddSaml2(adfsConfig, AuthenticationOptions.ForAuthorizationHeader("AdfsSaml")); #endregion #region ACS SWT config.AddSimpleWebToken( issuer: "https://" + Constants.ACS + "/", audience: Constants.Realm, signingKey: Constants.AcsSymmetricSigningKey, options: AuthenticationOptions.ForAuthorizationHeader("ACS")); #endregion #region AccessKey config.AddAccessKey(token => { if (ObfuscatingComparer.IsEqual(token, "accesskey123")) { return Principal.Create("Custom", new Claim("customerid", "123"), new Claim("email", "*****@*****.**")); } return null; }, AuthenticationOptions.ForQueryString("key")); #endregion #region Client Certificate config.AddClientCertificate( ClientCertificateMode.ChainValidationWithIssuerSubjectName, "CN=PortableCA"); #endregion return config; }
public static AuthenticationConfiguration CreateConfiguration() { var config = new AuthenticationConfiguration { DefaultAuthenticationScheme = "Basic", EnableSessionToken = true }; #region BasicAuthentication config.AddBasicAuthentication((userName, password) => userName == password); #endregion #region SimpleWebToken config.AddSimpleWebToken( issuer: Constants.IdSrvIssuerName, audience: Constants.Realm, signingKey: Constants.IdSrvSymmetricSigningKey, options: AuthenticationOptions.ForAuthorizationHeader("IdSrv")); #endregion #region JsonWebToken config.AddJsonWebToken( issuer: "http://selfissued.test", audience: Constants.Realm, signingKey: Constants.IdSrvSymmetricSigningKey, options: AuthenticationOptions.ForAuthorizationHeader("JWT")); #endregion #region IdentityServer SAML var idsrvRegistry = new ConfigurationBasedIssuerNameRegistry(); idsrvRegistry.AddTrustedIssuer(Constants.IdSrvSamlSigningKeyThumbprint, "Thinktecture IdSrv"); var idsrvConfig = new SecurityTokenHandlerConfiguration(); idsrvConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri(Constants.Realm)); idsrvConfig.IssuerNameRegistry = idsrvRegistry; idsrvConfig.CertificateValidator = X509CertificateValidator.None; config.AddSaml2(idsrvConfig, AuthenticationOptions.ForAuthorizationHeader("IdSrvSaml")); #endregion #region ADFS SAML var adfsRegistry = new ConfigurationBasedIssuerNameRegistry(); adfsRegistry.AddTrustedIssuer(Constants.AdfsSamlSigningKeyThumbprint, "ADFS"); var adfsConfig = new SecurityTokenHandlerConfiguration(); adfsConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri(Constants.Realm)); adfsConfig.IssuerNameRegistry = adfsRegistry; adfsConfig.CertificateValidator = X509CertificateValidator.None; config.AddSaml2(adfsConfig, AuthenticationOptions.ForAuthorizationHeader("AdfsSaml")); #endregion #region ACS SWT config.AddSimpleWebToken( issuer: "https://" + Constants.ACS + "/", audience: Constants.Realm, signingKey: Constants.AcsSymmetricSigningKey, options: AuthenticationOptions.ForAuthorizationHeader("ACS")); #endregion #region AccessKey config.AddAccessKey(token => { if (ObfuscatingComparer.IsEqual(token, "accesskey123")) { return Principal.Create("Custom", new Claim("customerid", "123"), new Claim("email", "*****@*****.**")); } return null; }, AuthenticationOptions.ForQueryString("key")); #endregion return config; }
public static void AddSaml2(this AuthenticationConfiguration configuration, string issuerThumbprint, string issuerName, string audienceUri, X509CertificateValidator certificateValidator, AuthenticationOptions options, AuthenticationScheme scheme) { var handlerConfig = CreateSaml2SecurityTokenHandlerConfiguration(issuerThumbprint, issuerName, audienceUri, certificateValidator); configuration.AddSaml2(handlerConfig, options, scheme); }
public static void Register(HttpConfiguration config) { var authConfig = new AuthenticationConfiguration { RequireSsl = false, ClaimsAuthenticationManager = new ClaimsTransformer(), EnableSessionToken = true, //SessionToken = new SessionTokenConfiguration() // { // EndpointAddress = "apiArea/fuel/token" // } }; var registry = new ConfigurationBasedIssuerNameRegistry(); registry.AddTrustedIssuer(System.Configuration.ConfigurationManager.AppSettings["SigningThumbPrint"], System.Configuration.ConfigurationManager.AppSettings["IssuerURI"]); var handlerConfig = new SecurityTokenHandlerConfiguration(); handlerConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri(System.Configuration.ConfigurationManager.AppSettings["AudianceUri"])); handlerConfig.IssuerNameRegistry = registry; handlerConfig.CertificateValidator = X509CertificateValidator.None; handlerConfig.ServiceTokenResolver = new X509CertificateStoreTokenResolver(StoreName.My, StoreLocation.LocalMachine); authConfig.AddSaml2(handlerConfig, AuthenticationOptions.ForAuthorizationHeader("SAML"), AuthenticationScheme.SchemeOnly("SAML")); config.MessageHandlers.Add(new AuthenticationHandler(authConfig)); config.Routes.MapHttpRoute( name: "DefaultApi", routeTemplate: "api/{controller}/{id}", defaults: new { id = RouteParameter.Optional } ); config.Routes.MapHttpRoute( name: "OffhirePricingValueRoute", routeTemplate: "apiArea/{area}/OffhirePricingValue/", defaults: new { controller = "OffhirePricingValue" } ); //{startDateTime:datetime:regex(\d{4}\d{2}\d{2} \d{2}\d{2}\d{2})} //{startDateTime:datetime:regex(\\d{4}\\d{2}\\d{2}\\d{2}\\d{2}\\d{2})} // [Route("date/{pubdate:datetime:regex(\\d{4}-\\d{2}-\\d{2})}")] //[Route("date/{*pubdate:datetime:regex(\\d{4}/\\d{2}/\\d{2})}")] config.Routes.MapHttpRoute( name: "OffhireManagementSystemPreparedDataRoute", routeTemplate: "apiArea/{area}/OffhireManagementSystem/{referenceNumber}/PreparedData/{introducerId}", defaults: new { controller = "OffhireManagementSystemPreparedData" } ); config.Routes.MapHttpRoute( name: "OffhireManagementSystemRoute", routeTemplate: "apiArea/{area}/OffhireManagementSystem/{referenceNumber}", defaults: new { controller = "OffhireManagementSystem", referenceNumber = RouteParameter.Optional } ); config.Routes.MapHttpRoute( name: "OffhireDetailRoute", routeTemplate: "apiArea/{area}/Offhire/{id}/Detail/{detailId}", defaults: new { controller = "OffhireDetail", detailId = RouteParameter.Optional } ); config.Routes.MapHttpRoute( name: "OffhireRoute", routeTemplate: "apiArea/{area}/Offhire/{id}", defaults: new { controller = "Offhire", vesselId = RouteParameter.Optional } ); config.Routes.MapHttpRoute( name: "CompanyOwnedVesselRoute", routeTemplate: "apiArea/{area}/Company/{id}/OwnedVessel/{vesselId}", defaults: new { controller = "CompanyOwnedVessel", vesselId = RouteParameter.Optional } ); config.Routes.MapHttpRoute( name: "ScrapInventoryOperationRoute", routeTemplate: "apiArea/{area}/Scrap/{id}/InventoryOperation/{operationId}", defaults: new { controller = "ScrapInventoryOperation", operationId = RouteParameter.Optional } ); config.Routes.MapHttpRoute( name: "ScrapDetailRoute", routeTemplate: "apiArea/{area}/Scrap/{id}/Detail/{detailId}", defaults: new { controller = "ScrapDetail", detailId = RouteParameter.Optional } ); config.Routes.MapHttpRoute( name: "ScrapRoute", routeTemplate: "apiArea/{area}/Scrap/{id}", defaults: new { controller = "Scrap", id = RouteParameter.Optional } ); config.Routes.MapHttpRoute( name: "VoyageLogRoute", routeTemplate: "apiArea/{area}/Voyage/{voyageId}/Log/", defaults: new { controller = "VoyageLog", } ); config.Routes.MapHttpRoute( name: "VoyageRoute", routeTemplate: "apiArea/{area}/Voyage/{id}", defaults: new { controller = "Voyage", id = RouteParameter.Optional } ); config.Routes.MapHttpRoute( name: "FuelReportInventoryResultRoute", routeTemplate: "apiArea/{area}/FuelReport/{id}/InventoryResult/", defaults: new { controller = "FuelReportInventoryResult", } ); config.Routes.MapHttpRoute( name: "FuelReportDetailInventoryOperationRoute", routeTemplate: "apiArea/{area}/FuelReport/{id}/Detail/{detailId}/InventoryOperation/{operationId}", defaults: new { controller = "FuelReportDetailInventoryOperation", operationId = RouteParameter.Optional } ); config.Routes.MapHttpRoute( name: "FuelReportDetailRoute", routeTemplate: "apiArea/{area}/FuelReport/{id}/Detail/{detailId}", defaults: new { controller = "FuelReportDetail", detailId = RouteParameter.Optional } ); config.Routes.MapHttpRoute( name: "OrderItemRoute", routeTemplate: "apiArea/{area}/Order/{id}/OrderItem/{orderItemId}", defaults: new { controller = "OrderItem", orderItemId = RouteParameter.Optional } ); config.Routes.MapHttpRoute( name: "InvoiceItemRoute", routeTemplate: "apiArea/{area}/Invoice/{id}/InvoiceItem/{invoiceItemId}", defaults: new { controller = "InvoiceItem", invoiceItemId = RouteParameter.Optional } ); config.Routes.MapHttpRoute( name: "MainUnitValue", routeTemplate: "apiArea/{area}/MainUnit/{goodId}/{goodUnitId}/{value}", defaults: new { controller = "OrderItem", }); config.Routes.MapHttpRoute( name: "CharterItemRoute", routeTemplate: "apiArea/{area}/Charter/{id}/CharterItem/{charterItemId}", defaults: new { controller = "CharterItem", charterItemId = RouteParameter.Optional } ); config.Routes.MapHttpRoute( name: "Default_apiArea", routeTemplate: "apiArea/{area}/{controller}/{id}", defaults: new { id = RouteParameter.Optional } ); config.Routes.MapHttpRoute( name: "apiAreaWithAction", routeTemplate: "apiArea/{area}/{controller}/{action}/{id}", defaults: new { id = RouteParameter.Optional } ); config.Routes.MapHttpRoute( name: "Default_areaApi", routeTemplate: "apiArea/{area}/{controller}/{action}/{id}", // "apiArea/Order/{id}/OrderDetail/{DetailId}", defaults: new { action = "UpdateOrderItem", id = RouteParameter.Optional } ); config.Filters.Add(DependencyResolver.Current.GetService<GlobalExceptionHandlingAttribute>()); }
public static AuthenticationConfiguration CreateConfiguration() { var config = new AuthenticationConfiguration { DefaultAuthenticationScheme = "Basic", }; #region Basic Authentication config.AddBasicAuthentication((userName, password) => userName == password); #endregion #region SimpleWebToken config.AddSimpleWebToken( "http://identity.thinktecture.com/trust", Constants.Realm, Constants.IdSrvSymmetricSigningKey, AuthenticationOptions.ForAuthorizationHeader("IdSrv")); #endregion #region JsonWebToken config.AddJsonWebToken( "http://selfissued.test", Constants.Realm, Constants.IdSrvSymmetricSigningKey, AuthenticationOptions.ForAuthorizationHeader("JWT")); #endregion #region IdentityServer SAML var idsrvRegistry = new ConfigurationBasedIssuerNameRegistry(); idsrvRegistry.AddTrustedIssuer("A1EED7897E55388FCE60FEF1A1EED81FF1CBAEC6", "Thinktecture IdSrv"); var idsrvConfig = new SecurityTokenHandlerConfiguration(); idsrvConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri(Constants.Realm)); idsrvConfig.IssuerNameRegistry = idsrvRegistry; idsrvConfig.CertificateValidator = X509CertificateValidator.None; config.AddSaml2(idsrvConfig, AuthenticationOptions.ForAuthorizationHeader("IdSrvSaml")); #endregion #region ACS SWT config.AddSimpleWebToken( "https://" + Constants.ACS + "/", Constants.Realm, Constants.AcsSymmetricSigningKey, AuthenticationOptions.ForAuthorizationHeader("ACS")); #endregion #region AccessKey var handler = new SimpleSecurityTokenHandler("my access key", token => { if (ObfuscatingComparer.IsEqual(token, "accesskey123")) { return new ClaimsIdentity(new Claim[] { new Claim("customerid", "123") }, "Custom"); } return null; }); config.AddAccessKey(handler, AuthenticationOptions.ForQueryString("key")); #endregion return config; }
public static AuthenticationConfiguration CreateConfiguration() { var config = new AuthenticationConfiguration { DefaultAuthenticationScheme = "Basic", EnableSessionToken = true, SetNoRedirectMarker = true }; #region BasicAuthentication config.AddBasicAuthentication((userName, password) => userName == password, retainPassword: false); #endregion #region SimpleWebToken config.AddSimpleWebToken( issuer: Constants.IdSrvIssuerName, audience: Constants.Realm, signingKey: Constants.IdSrvSymmetricSigningKey, options: AuthenticationOptions.ForAuthorizationHeader("IdSrv")); #endregion #region JsonWebToken config.AddJsonWebToken( issuer: "http://selfissued.test", audience: Constants.Realm, signingKey: Constants.IdSrvSymmetricSigningKey, options: AuthenticationOptions.ForAuthorizationHeader("JWT")); #endregion #region JsonWebToken Windows Store Client config.AddJsonWebToken( issuer: "http://identityserver45.thinktecture.com/trust/changethis", audience: "https://test/rp/", signingKey: "3ihK5qGVhp8ptIk9+TDucXQW4Aaengg3d5m6gU8nzc8=", options: AuthenticationOptions.ForAuthorizationHeader("Win8")); #endregion #region IdentityServer SAML var idsrvRegistry = new ConfigurationBasedIssuerNameRegistry(); idsrvRegistry.AddTrustedIssuer(Constants.IdSrvSamlSigningKeyThumbprint, "Thinktecture IdSrv"); var idsrvConfig = new SecurityTokenHandlerConfiguration(); idsrvConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri(Constants.Realm)); idsrvConfig.IssuerNameRegistry = idsrvRegistry; idsrvConfig.CertificateValidator = X509CertificateValidator.None; config.AddSaml2(idsrvConfig, AuthenticationOptions.ForAuthorizationHeader("IdSrvSaml")); #endregion #region ADFS SAML var adfsRegistry = new ConfigurationBasedIssuerNameRegistry(); adfsRegistry.AddTrustedIssuer(Constants.AdfsSamlSigningKeyThumbprint, "ADFS"); var adfsConfig = new SecurityTokenHandlerConfiguration(); adfsConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri(Constants.Realm)); adfsConfig.IssuerNameRegistry = adfsRegistry; adfsConfig.CertificateValidator = X509CertificateValidator.None; config.AddSaml2(adfsConfig, AuthenticationOptions.ForAuthorizationHeader("AdfsSaml")); #endregion #region ACS SWT config.AddSimpleWebToken( issuer: "https://" + Constants.ACS + "/", audience: Constants.Realm, signingKey: Constants.AcsSymmetricSigningKey, options: AuthenticationOptions.ForAuthorizationHeader("ACS")); #endregion #region AccessKey config.AddAccessKey(token => { if (ObfuscatingComparer.IsEqual(token, "accesskey123")) { return Principal.Create("Custom", new Claim("customerid", "123"), new Claim("email", "*****@*****.**")); } return null; }, AuthenticationOptions.ForQueryString("key")); #endregion #region Client Certificate config.AddClientCertificate( ClientCertificateMode.ChainValidationWithIssuerSubjectName, "CN=PortableCA"); #endregion return config; }
public static AuthenticationConfiguration CreateConfiguration() { var config = new AuthenticationConfiguration { DefaultAuthenticationScheme = "Basic", }; #region BasicAuthentication config.AddBasicAuthentication((userName, password) => userName == password); #endregion #region SimpleWebToken config.AddSimpleWebToken( issuer: "http://localhost/idsrv/trust", audience: Constants.Realm, signingKey: Constants.IdSrvSymmetricSigningKey, options: AuthenticationOptions.ForAuthorizationHeader("IdSrv")); #endregion #region JsonWebToken config.AddJsonWebToken( issuer: "http://selfissued.test", audience: Constants.Realm, signingKey: Constants.IdSrvSymmetricSigningKey, options: AuthenticationOptions.ForAuthorizationHeader("JWT")); #endregion #region IdentityServer SAML var idsrvRegistry = new ConfigurationBasedIssuerNameRegistry(); idsrvRegistry.AddTrustedIssuer("a90d2bc088d949d63321e1152065234c1acda7b1", "Thinktecture IdSrv"); var idsrvConfig = new SecurityTokenHandlerConfiguration(); idsrvConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri(Constants.Realm)); idsrvConfig.IssuerNameRegistry = idsrvRegistry; idsrvConfig.CertificateValidator = X509CertificateValidator.None; config.AddSaml2(idsrvConfig, AuthenticationOptions.ForAuthorizationHeader("IdSrvSaml")); #endregion #region ACS SWT config.AddSimpleWebToken( issuer: "https://" + Constants.ACS + "/", audience: Constants.Realm, signingKey: Constants.AcsSymmetricSigningKey, options: AuthenticationOptions.ForAuthorizationHeader("ACS")); #endregion #region AccessKey var handler = new SimpleSecurityTokenHandler(token => { if (ObfuscatingComparer.IsEqual(token, "accesskey123")) { return IdentityFactory.Create("Custom", new Claim("customerid", "123"), new Claim("email", "*****@*****.**")); } return null; }); config.AddAccessKey(handler, AuthenticationOptions.ForQueryString("key")); #endregion return config; }