API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Dec 14th, 2016
111
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.17 KB | None | 0 0
raw download clone embed print report
  1. using System;
  2. using System.Text;
  3. using System.Security.Claims;
  4. using System.Security.Principal;
  5. using System.Threading.Tasks;
  6. using CustomTokenAuthProvider;
  7. using Microsoft.AspNetCore.Builder;
  8. using Microsoft.IdentityModel.Tokens;
  9. using Microsoft.Extensions.Options;
  10.  
  11. namespace Blog.TokenAuthGettingStarted
  12. {
  13. public partial class Startup
  14. {
  15.  
  16. private void ConfigureAuth(IApplicationBuilder app)
  17. {
  18.  
  19. var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(Configuration.GetSection("TokenAuthentication:SecretKey").Value));
  20.  
  21. var tokenProviderOptions = new TokenProviderOptions
  22. {
  23. Path = Configuration.GetSection("TokenAuthentication:TokenPath").Value,
  24. Audience = Configuration.GetSection("TokenAuthentication:Audience").Value,
  25. Issuer = Configuration.GetSection("TokenAuthentication:Issuer").Value,
  26. SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256),
  27. IdentityResolver = GetIdentity
  28. };
  29.  
  30. var tokenValidationParameters = new TokenValidationParameters
  31. {
  32. // The signing key must match!
  33. ValidateIssuerSigningKey = true,
  34. IssuerSigningKey = signingKey,
  35. // Validate the JWT Issuer (iss) claim
  36. ValidateIssuer = true,
  37. ValidIssuer = Configuration.GetSection("TokenAuthentication:Issuer").Value,
  38. // Validate the JWT Audience (aud) claim
  39. ValidateAudience = true,
  40. ValidAudience = Configuration.GetSection("TokenAuthentication:Audience").Value,
  41. // Validate the token expiry
  42. ValidateLifetime = true,
  43. // If you want to allow a certain amount of clock drift, set that here:
  44. ClockSkew = TimeSpan.Zero
  45. };
  46.  
  47. app.UseJwtBearerAuthentication(new JwtBearerOptions
  48. {
  49. AutomaticAuthenticate = true,
  50. AutomaticChallenge = true,
  51. TokenValidationParameters = tokenValidationParameters
  52. });
  53.  
  54. app.UseCookieAuthentication(new CookieAuthenticationOptions
  55. {
  56. AutomaticAuthenticate = true,
  57. AutomaticChallenge = true,
  58. AuthenticationScheme = "Cookie",
  59. CookieName = Configuration.GetSection("TokenAuthentication:CookieName").Value,
  60. TicketDataFormat = new CustomJwtDataFormat(
  61. SecurityAlgorithms.HmacSha256,
  62. tokenValidationParameters)
  63. });
  64.  
  65. app.UseMiddleware<TokenProviderMiddleware>(Options.Create(tokenProviderOptions));
  66. }
  67.  
  68. private Task<ClaimsIdentity> GetIdentity(string username, string password)
  69. {
  70. // DEMO CODE, DON NOT USE IN PRODUCTION!!!
  71. if (username == "TEST" && password == "TEST123")
  72. {
  73. return Task.FromResult(new ClaimsIdentity(new GenericIdentity(username, "Token"), new Claim[] { }));
  74. }
  75.  
  76. // Account doesn't exists
  77. return Task.FromResult<ClaimsIdentity>(null);
  78. }
  79.  
  80. }
  81. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!