public SecurityModule(IServiceCollection services, SigninConfiguration signinConfiguration, TokenConfiguration tokenConfiguration) { if (services == null) { throw new ArgumentNullException(nameof(services)); } if (signinConfiguration == null) { throw new ArgumentNullException(nameof(signinConfiguration)); } if (tokenConfiguration == null) { throw new ArgumentNullException(nameof(tokenConfiguration)); } services.AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }).AddJwtBearer(options => { var paramsValidation = options.TokenValidationParameters; // configurations paramsValidation.IssuerSigningKey = signinConfiguration.Key; paramsValidation.ValidAudience = tokenConfiguration.Audience; paramsValidation.ValidIssuer = tokenConfiguration.Issuer; // validations paramsValidation.ValidateAudience = true; paramsValidation.ValidateIssuer = true; paramsValidation.ValidateIssuerSigningKey = true; paramsValidation.ValidateLifetime = true; // set tolerance time for token expiration paramsValidation.ClockSkew = TimeSpan.Zero; }); services.AddAuthorization(auth => { auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder() .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme) .RequireAuthenticatedUser().Build()); }); }
protected BaseSecurityTokenService(SigninConfiguration signinConfiguration, TokenConfiguration tokenConfiguration) { _signinConfiguration = signinConfiguration ?? throw new ArgumentNullException(nameof(signinConfiguration)); _tokenConfiguration = tokenConfiguration ?? throw new ArgumentNullException(nameof(tokenConfiguration)); }