protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines) { base.ApplicationStartup(container, pipelines); var tokenValidationParameters = new TokenValidationParameters { ValidateIssuerSigningKey = true, IssuerSigningKey = Jwt.JwtManager.SigningKey(), ValidateIssuer = true, ValidIssuer = Jwt.JwtManager.ValidIssuer, ValidateAudience = true, ValidAudiences = Jwt.JwtManager.ValidAudiences, ValidateLifetime = true, ClockSkew = TimeSpan.Zero }; var configuration = new JwtBearerAuthenticationConfiguration { TokenValidationParameters = tokenValidationParameters }; pipelines.EnableJwtBearerAuthentication(configuration); }
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines) { base.ApplicationStartup(container, pipelines); var keyByteArray = Encoding.ASCII.GetBytes("Y2F0Y2hlciUyMHdvbmclMjBsb3ZlJTIwLm5ldA=="); var signingKey = new SymmetricSecurityKey(keyByteArray); var tokenValidationParameters = new TokenValidationParameters { // The signing key must match! ValidateIssuerSigningKey = true, IssuerSigningKey = signingKey, // Validate the JWT Issuer (iss) claim ValidateIssuer = true, ValidIssuer = "http://www.c-sharpcorner.com/members/catcher-wong", // Validate the JWT Audience (aud) claim ValidateAudience = true, ValidAudience = "Catcher Wong", // Validate the token expiry ValidateLifetime = true, ClockSkew = TimeSpan.Zero }; var configuration = new JwtBearerAuthenticationConfiguration { TokenValidationParameters = tokenValidationParameters, Challenge = "Guest"//if not use this,default to Bearer }; pipelines.EnableJwtBearerAuthentication(configuration); }
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines) { Auth0Authenticator auth0Authenticator = container.Resolve <Auth0Authenticator>(); base.ApplicationStartup(container, pipelines); pipelines.EnableJwtBearerAuthentication( new JwtBearerAuthenticationConfiguration { //Challenge = "Guest", TokenValidationParameters = new TokenValidationParameters { // The signing key must match! ValidateIssuerSigningKey = true, IssuerSigningKey = jwtSigningKey, // Validate the JWT Issuer (iss) claim ValidateIssuer = true, ValidIssuer = $"https://{AuthSettings.Auth0Domain}/", // Validate the JWT Audience (aud) claim ValidateAudience = true, ValidAudience = AuthSettings.Auth0ApiIdentifier, // Validate the token expiry ValidateLifetime = true, ClockSkew = TimeSpan.Zero, ValidateActor = true, }, } ); pipelines.BeforeRequest.AddItemToEndOfPipeline(async(context, cancelToken) => { if (context.CurrentUser != null) { UserInfo userInfo = await auth0Authenticator.GetUserInfo(FetchBearerToken(context)); if (userInfo != null) { context.SetCurrentUserInfo(userInfo); context.CurrentUser.AddIdentity(new ClaimsIdentity(userInfo.ToClaims())); } } return(null); }); pipelines.AfterRequest.AddItemToEndOfPipeline(context => { Console.WriteLine(Print(context)); }); }