public static void AddJwtBearerAuthentication( this IServiceCollection services, JwtValidationOptions config ) { services.ConfigureSymmetricAuthKey(config.Key); services.ConfigureRsaAuthKey(config.Key); services.ConfigureTokenValidation(config); }
public static void ConfigureTokenValidation( this IServiceCollection services, JwtValidationOptions config, Func <TokenValidatedContext, Task> onTokenValidated = null) { services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => { var provider = services.BuildServiceProvider(); SecurityKey securityKey = null; if (config.SymmetricAlgorhitm) { securityKey = provider.GetRequiredService <SymmetricSecurityKey>(); } else { securityKey = provider.GetRequiredService <RsaSecurityKey>(); } options.TokenValidationParameters = new TokenValidationParameters { ValidateLifetime = false, ValidateIssuer = false, ValidateAudience = false, ValidateIssuerSigningKey = true, ValidIssuer = config.Issuer, ValidAudience = config.Audience, IssuerSigningKey = securityKey }; options.Events = new JwtBearerEvents { OnAuthenticationFailed = context => { if (context.Exception.GetType() == typeof(SecurityTokenExpiredException)) { context.Response.Headers.Add("Token-Expired", "true"); } else if (context.Exception.GetType() == typeof(SecurityTokenInvalidSignatureException)) { context.Response.Headers.Add("Token-Invalid-Signature", "true"); } return(Task.CompletedTask); }, OnTokenValidated = onTokenValidated ?? null }; }); }