Add JWT Authentication method

2 years ago · e157e8b120
parent f08578bfdb
commit e157e8b120
2 changed files with 36 additions and 3 deletions
--- a/OAuthServer/OAuthServer.csproj
+++ b/OAuthServer/OAuthServer.csproj
@ -9,6 +9,7 @@
    </PropertyGroup>

    <ItemGroup>
+        <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.2" />
        <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="8.0.2" />
        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="8.0.1"/>
        <PackageReference Include="Microsoft.EntityFrameworkCore" Version="8.0.2" />
--- a/OAuthServer/Program.cs
+++ b/OAuthServer/Program.cs
@ -1,8 +1,10 @@
+using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.DataProtection;
 using Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption;
 using Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.ConfigurationModel;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.EntityFrameworkCore;
+using Microsoft.OpenApi.Models;
 using OAuthServer;

 var builder = WebApplication.CreateBuilder(args);
@ -13,15 +15,45 @@ builder.Logging.AddConsole();
 // Add services to the container.
 builder.Services.AddControllers();
 builder.Services.AddEndpointsApiExplorer();
-builder.Services.AddSwaggerGen();
+builder.Services.AddSwaggerGen(options =>
+{
+    // Create a authentication schema for JWT tokens
+    options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
+    {
+        Description = "JWT Authorization header using the Bearer scheme. Example: \"Authorization: Bearer {token}\"",
+        Name = "Authorization",
+        In = ParameterLocation.Header,
+        Type = SecuritySchemeType.Http,
+        Scheme = "bearer",
+        Reference = new OpenApiReference
+        {
+            Type = ReferenceType.SecurityScheme,
+            Id = "Bearer"
+        }
+    });
+});

-builder.Configuration.Sources.Clear();
 builder.Services.AddDbContext<AppDbContext>(options => { options.UseSqlite("DataSource=db.sqlite3"); });

 builder.Services.AddIdentity<IdentityUser, IdentityRole>(options => { options.Stores.MaxLengthForKeys = 128; })
    .AddEntityFrameworkStores<AppDbContext>()
    .AddDefaultTokenProviders();

+builder.Services.AddAuthentication().AddJwtBearer("OAuthToken", options =>
+{
+    // options.RequireHttpsMetadata = false;
+    // options.SaveToken = true;
+    // options.TokenValidationParameters = new TokenValidationParameters()
+    // {
+    //     ValidateIssuer = true,
+    //     ValidateAudience = true,
+    //     RequireSignedTokens = true,
+    //     ValidIssuer = builder.Configuration["Jwt:Issuer"],
+    //     ValidAudience = builder.Configuration["Jwt:Audience"],
+    //     IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Environment.GetEnvironmentVariable("JWT_KEY")))
+    // };
+});
+
 builder.Services.Configure<IdentityOptions>(options =>
 {

@ -84,7 +116,7 @@ builder.Services.AddAuthorization(options =>
    // Require the External role to authenticate with a different authentication method
    options.AddPolicy("External", policy => policy
        .RequireRole("External")
-        .AddAuthenticationSchemes(IdentityConstants.ApplicationScheme)
+        .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
    );
 });