I am trying to keep the Startup class as clean as possible. The API currently receives JWTs only from Google (in future probably from Apple as well), but I allow multiple IdPs to be specified; they can be placed in the config file.
When a user logs in, I check whether they are already registered; if not, I save the user's details. In both cases I exchange the token for a self-issued JWT (it acts like a flag: if you hold my token, I am sure you are in my database).
I am avoiding manual checks on the JWT (calling the libraries by hand); instead, I have created a policy that excludes the self-issued scheme on the login endpoint.
Now the problem: how can I add multiple schemes with named options? This is my current code:
Startup.cs
// Registers the authentication services plus a single JWT bearer handler.
// The parameterless AddJwtBearer() uses JwtBearerDefaults.AuthenticationScheme
// ("Bearer") as the scheme name; each additional token issuer needs its own
// AddJwtBearer("<scheme name>", ...) registration.
// NOTE(review): no default scheme is passed to AddAuthentication() here;
// presumably ConfigureAuthenticationOptions sets it - confirm.
services.AddAuthentication().AddJwtBearer();
// Option configurators are resolved from DI, so they can take injected
// services instead of being written inline as lambdas in Startup.
services.ConfigureOptions<ConfigureAuthenticationOptions>();
// Registered after AddJwtBearer(), so this configurator runs after any
// options delegate supplied at scheme registration time.
services.ConfigureOptions<ConfigureJwtBearerOptions>();
services.AddAuthorization();
// NOTE(review): presumably defines the policy that limits which schemes the
// login endpoint accepts - confirm against ConfigureAuthorizationOptions.
services.ConfigureOptions<ConfigureAuthorizationOptions>();
ConfigureJwtBearerOptions.cs
using MakersPortal.Core.Dtos.Configuration;
using MakersPortal.Core.Services;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;
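namespace MakersPortal.WebApi.Options
{
    /// <summary>
    /// Configures <see cref="JwtBearerOptions"/> for one JWT bearer scheme using the
    /// signing key named "jwt" and the injected issuer settings.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the key name and the single <see cref="JwtIssuerDto"/> suggest these
    /// are the settings for the API's self-issued tokens - confirm.
    /// </remarks>
    public class ConfigureJwtBearerOptions : IConfigureNamedOptions<JwtBearerOptions>
    {
        // Scheme these settings belong to. It must match the name given to AddJwtBearer;
        // the parameterless AddJwtBearer() call registers JwtBearerDefaults.AuthenticationScheme.
        private const string SchemeName = JwtBearerDefaults.AuthenticationScheme;

        private readonly IKeyManager _keyManager;
        private readonly JwtIssuerDto _issuer;

        /// <summary>Creates the configurator from DI-provided dependencies.</summary>
        /// <param name="keyManager">Source of the token signing key.</param>
        /// <param name="issuer">Expected issuer and audience values.</param>
        public ConfigureJwtBearerOptions(IKeyManager keyManager, JwtIssuerDto issuer)
        {
            _keyManager = keyManager;
            _issuer = issuer;
        }

        /// <summary>
        /// Applies the signing key, issuer and audience to <paramref name="options"/>
        /// unconditionally. The options framework calls the named overload instead;
        /// this one is for direct callers.
        /// </summary>
        /// <param name="options">The options instance to populate.</param>
        public void Configure(JwtBearerOptions options)
        {
            // IConfigureOptions is synchronous, so the asynchronous key lookup is blocked on.
            // NOTE(review): if this returns a Task, failures surface as AggregateException.
            var signingKey = _keyManager.GetSecurityKeyFromName("jwt").Result;

            // ValidateAudience and ValidateLifetime are not set and keep their defaults (enabled).
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuerSigningKey = true,
                IssuerSigningKey = signingKey,
                ValidateIssuer = true,
                ValidIssuer = _issuer.Issuer
            };

            // The JwtBearer post-configuration copies Audience into ValidAudience when none is set.
            options.Audience = _issuer.Audience;
            options.SaveToken = true;
        }

        /// <summary>
        /// Applies the settings only to the scheme this configurator is responsible for.
        /// </summary>
        /// <param name="name">Name of the options instance, i.e. the authentication scheme name.</param>
        /// <param name="options">The options instance to populate.</param>
        public void Configure(string name, JwtBearerOptions options)
        {
            // Without this guard every JwtBearer scheme registered later (for example one per
            // external IdP) would be handed the same signing key, issuer and audience, so a
            // token from this issuer would also authenticate under those schemes and
            // scheme-based policies could no longer tell them apart.
            if (name != SchemeName)
            {
                return;
            }

            Configure(options);
        }
    }
}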