// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddControllersWithViews();
//load Multifactor settings
var multifactorSection = Configuration.GetSection("Multifactor");
var apiKey = multifactorSection["ApiKey"];
var apiSecret = multifactorSection["ApiSecret"];
var callbackUrl = multifactorSection["CallbackUrl"];
//register Multifactor service
var multifactorService = new MultifactorService(apiKey, apiSecret, callbackUrl);
services.AddSingleton(multifactorService);
//register identity service
services.AddSingleton <IdentityService>();
//add Jwt Bearer authentication
services
.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(x =>
{
x.RequireHttpsMetadata = true;
x.SaveToken = true;
x.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(apiSecret)), //signature validation key
ValidateIssuer = true,
ValidIssuer = "https://access.multifactor.ru", //only valid token issuer
ValidateAudience = true,
ValidAudience = apiKey,
NameClaimType = ClaimTypes.NameIdentifier //claim where take Authorized User Identity Name
};
});
}
public AccountController(IdentityService identityService, MultifactorService multifactorService)
{
_identityService = identityService ?? throw new ArgumentNullException(nameof(identityService));
_multifactorService = multifactorService ?? throw new ArgumentNullException(nameof(multifactorService));
}
