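/// <summary>
/// Registers JWT bearer authentication against the Auth0 tenant described by
/// <paramref name="settings"/>, then adds a workaround middleware that turns an
/// unhandled <see cref="SecurityTokenException"/> into a 401 response.
/// </summary>
/// <param name="app">Application pipeline to extend.</param>
/// <param name="settings">Supplies the Auth0 domain (authority) and client id (audience).</param>
/// <param name="onTokenValidated">Callback awaited with the identity taken from each validated token.</param>
/// <exception cref="ArgumentNullException">Any argument is null.</exception>
public static void SetJwtBearer(this IApplicationBuilder app, Auth0Settings settings, Func<ClaimsIdentity, Task> onTokenValidated)
        {
            // Fail at startup instead of with a NullReferenceException on the first authenticated request.
            if (app == null)
            {
                throw new ArgumentNullException(nameof(app));
            }
            if (settings == null)
            {
                throw new ArgumentNullException(nameof(settings));
            }
            if (onTokenValidated == null)
            {
                throw new ArgumentNullException(nameof(onTokenValidated));
            }

            var options = new JwtBearerOptions()
            {
                // Audience and authority both come from configuration: a wrong client id or
                // domain changes which tokens are accepted and whose keys are trusted.
                Audience = settings.ClientId,
                Authority = $"https://{settings.Domain}",
                Challenge = $"Bearer realm=\"{settings.Domain}\", scope=\"client_id={settings.ClientId} service=\"",
                Events = new JwtBearerEvents
                {
                    OnAuthenticationFailed = context =>
                    {
                        // The exception used to be passed as a format argument to a message with
                        // no placeholder, so the failure reason never reached the log. Only the
                        // type name is written: validation messages can echo token contents.
                        logger.LogDebug("Authentication failed: {ExceptionType}", context.Exception?.GetType().Name);
                        return Task.FromResult(0);
                    },
                    OnChallenge = context =>
                    {
                        logger.LogDebug("Bearer Auth OnChallenge.");
                        return Task.FromResult(true);
                    },
                    OnMessageReceived = context =>
                    {
                        logger.LogDebug("Bearer Auth OnMessageReceived");
                        return Task.FromResult(true);
                    },
                    OnTokenValidated = async context =>
                    {
                        // The cast yields null when the principal's identity is not a
                        // ClaimsIdentity; the callback receives that null unchanged.
                        var claimsIdentity = context.Ticket.Principal.Identity as ClaimsIdentity;
                        logger.LogInformation($"{claimsIdentity?.Name} authenticated using bearer authentication.");

                        await onTokenValidated(claimsIdentity);
                    }
                }
            };
            app.UseJwtBearerAuthentication(options);

            // this is a hack, which hopefully will be solved with RC2 of .net core
            // * The problem has been discussed here: https://github.com/aspnet/Security/issues/555
            // * The workaround got copied from here: https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server/issues/191
            // NOTE(review): this middleware is registered after the bearer middleware, so it only
            // wraps the later pipeline stages. Confirm that is where the exception surfaces.
            app.Use(next => async context =>
            {
                try
                {
                    await next(context);
                }
                catch (SecurityTokenException ex)
                {
                    // Record the rejection before it is turned into a bare status code;
                    // otherwise rejected tokens leave no trace for monitoring.
                    logger.LogWarning("Bearer token rejected ({ExceptionType}).", ex.GetType().Name);

                    // If the headers have already been sent, you can't replace the status code.
                    // In this case, throw an exception to close the connection.
                    if (context.Response.HasStarted)
                    {
                        throw;
                    }

                    context.Response.StatusCode = 401;
                }
            });
        }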
示例#2
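        /// <summary>
        /// Wires JWT bearer authentication for the Auth0 tenant in <paramref name="settings"/>
        /// into the pipeline and maps an unhandled <see cref="SecurityTokenException"/> to a 401.
        /// </summary>
        /// <param name="app">Application pipeline to extend.</param>
        /// <param name="settings">Auth0 domain (used as authority) and client id (used as audience).</param>
        /// <param name="onTokenValidated">Awaited with the identity of every validated token.</param>
        /// <exception cref="ArgumentNullException">Any argument is null.</exception>
        public static void SetJwtBearer(this IApplicationBuilder app, Auth0Settings settings, Func <ClaimsIdentity, Task> onTokenValidated)
        {
            // Reject missing arguments up front; a null callback would otherwise only
            // fail later, inside the token-validated event of a live request.
            if (app == null)
            {
                throw new ArgumentNullException(nameof(app));
            }
            if (settings == null)
            {
                throw new ArgumentNullException(nameof(settings));
            }
            if (onTokenValidated == null)
            {
                throw new ArgumentNullException(nameof(onTokenValidated));
            }

            var options = new JwtBearerOptions()
            {
                // Both values are configuration-driven and decide which tokens are trusted.
                Audience  = settings.ClientId,
                Authority = $"https://{settings.Domain}",
                Challenge = $"Bearer realm=\"{settings.Domain}\", scope=\"client_id={settings.ClientId} service=\"",
                Events    = new JwtBearerEvents
                {
                    OnAuthenticationFailed = context =>
                    {
                        // Passing the exception to a message without a placeholder dropped it
                        // from the log. Log its type only, because validation messages may
                        // repeat values taken from the presented token.
                        logger.LogDebug("Authentication failed: {ExceptionType}", context.Exception?.GetType().Name);
                        return(Task.FromResult(0));
                    },
                    OnChallenge = context =>
                    {
                        logger.LogDebug("Bearer Auth OnChallenge.");
                        return(Task.FromResult(true));
                    },
                    OnMessageReceived = context =>
                    {
                        logger.LogDebug("Bearer Auth OnMessageReceived");
                        return(Task.FromResult(true));
                    },
                    OnTokenValidated = async context =>
                    {
                        // Null when the identity is not a ClaimsIdentity; handed to the callback as-is.
                        var claimsIdentity = context.Ticket.Principal.Identity as ClaimsIdentity;
                        logger.LogInformation($"{claimsIdentity?.Name} authenticated using bearer authentication.");

                        await onTokenValidated(claimsIdentity);
                    }
                }
            };

            app.UseJwtBearerAuthentication(options);

            // this is a hack, which hopefully will be solved with RC2 of .net core
            // * The problem has been discussed here: https://github.com/aspnet/Security/issues/555
            // * The workaround got copied from here: https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server/issues/191
            // NOTE(review): registered after the bearer middleware, so it only sees exceptions
            // from later pipeline stages. Confirm that matches where the exception is thrown.
            app.Use(next => async context =>
            {
                try
                {
                    await next(context);
                }
                catch (SecurityTokenException ex)
                {
                    // Leave an audit trail: without this line a rejected token is
                    // silently converted into a status code.
                    logger.LogWarning("Bearer token rejected ({ExceptionType}).", ex.GetType().Name);

                    // If the headers have already been sent, you can't replace the status code.
                    // In this case, throw an exception to close the connection.
                    if (context.Response.HasStarted)
                    {
                        throw;
                    }

                    context.Response.StatusCode = 401;
                }
            });
        }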