stackoom
  简体   繁体   中英

Setting up JWT authentication in .NET core 2.0

 原文  2018-04-03 01:09:54       c#/ asp.net/ asp.net-core-2.0

Question

I'm in the process of migrating existing .NET core 1.1.4 code over to .NET core 2.0. It looks like we have to change it so that we add the authentication as a service in ConfigureService() instead of in the Configure() function.

We're currently using the following properties:

  • AutomaticAuthenticate
  • AutomaticChallenge
  • TokenValidationParameters.IssuerSigningKey
  • TokenValidationParameters.ValidAudence
  • TokenValidationParameters.ValidateIssuerSigningKey
  • TokenValidationParameters.ValidateLifetime
  • TokenValidationParameters.ValidIssuer

In the migration docs, the AddJwtBearer() has an options parameter with audience so thats what I used. However, I checked the interface of the options class and there doesn't seem to be any of the other values I need. However, There is a TokenValidationParameters property. Can I just instantiate the same token I have now and use that?

1.1.4 version: 

app.UseAuthentication(new JwtBearerOptions
{
    AutomaticAuthenticate = true,
    AutomaticChallenge = true,
    TokenValidationParameters = new TokenValidationParameters
    {
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration.GetSection("AppConfiguration:Key").Value)),
        ValidAudience = Configuration.GetSection("AppConfiguration:SiteUrl").Value,
        ValidateIssuerSigningKey = true,
        ValidateLifetime = true,
        ValidIssuer = Configuration.GetSection("AppConfiguration:SiteUrl").Value
    }
});

2.0.0 version: 

services
    .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        var siteUrl = Configuration.GetSection("AppConfiguration:SiteUrl").Value;

        options.Audience = siteUrl;
        options.Authority = siteUrl;
        options.TokenValidationParameters = new TokenValidationParameters
        {
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration.GetSection("AppConfiguration:Key").Value)),
            ValidateIssuerSigningKey = true,
            ValidateLifetime = true,
            ValidIssuer = Configuration.GetSection("AppConfiguration:SiteUrl").Value,
        };
    });

Does AutomaticAuthenticate and AutomaticChallenge become: 

services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme);

1 answers

solution1
 1 ACCPTED  2018-04-10 04:26:10

You're right, the AutomaticAuthenticate and AutomaticChallenge properties are gone in ASP.NET Core 2.0.

They're replaced by this overload of the AddAuthentication method in which you can specify the default authentication scheme.

The ASP.NET Core 1.x to ASP.NET Core 2.0 migration docs cover this.

Doing so means that, on every request, the authentication handler associated with the scheme (in your case, the JWT bearer token handler) will be run to try to authenticate the request.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question JWT on .NET Core 2.0 Is it required to use IdentityDbContext for JWT authentication under .NET Core 2.0 and EF? AuthorizeAttribute with JWT Token- Authentication in .NET Core 2.0 .NET Core 2.0 Identity AND jwt? .net core 2.0 JWT token ASP.Net Core 2.0 mixed authentication of JWT and Windows Authentication doesn't accept credentials Asp Net Core authentication with JWT Firebase Authentication (JWT) with .NET Core Asp-Net-Core WebApi Authentication using Azure ActiveDir oAuth2.0 JWT Token Microsoft Graph .net core 2.0 JWT token expired issue
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM