stackoom
  简体   繁体   中英

what will be the solution with asp.net core 3.1 web api

 原文  2020-03-19 15:00:26       asp.net-core

Question

I am implementing jwt security using asp.net web api app along with owin like below,

 using Microsoft.Owin;
 using Owin;
 using System.Web.Http;
 using Microsoft.Owin.Security;
 using Microsoft.Owin.Security.Jwt;

 [assembly: OwinStartup(typeof(solution.Startup))]

  namespace solution 
 {
 public class Startup
 {
public void Configuration(IAppBuilder app)
{
  app.MapSignalR();
  HttpConfiguration config = new HttpConfiguration();
  config.MapHttpAttributeRoutes();
  ConfigureOAuth(app);
  app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
  app.UseWebApi(config);
}
public void ConfigureOAuth(IAppBuilder app)
{
  var issuer = "issuer";
  var audience = "audience";
  var secret = JwtSecurityKey.Create("SecurityKey").GetSymmetricKey();

  // Api controllers with an [Authorize] attribute will be validated with JWT
  var option =
      new JwtBearerAuthenticationOptions
      {
        AuthenticationMode = AuthenticationMode.Active,
        AllowedAudiences = new[] { audience },
        IssuerSecurityTokenProviders = new IIssuerSecurityTokenProvider[]
          {
                    new SymmetricKeyIssuerSecurityTokenProvider(issuer, secret)
          }
      };
  app.UseJwtBearerAuthentication(
        option
    );
 }
}
  }

Any guideline or tutorial how to convert this to asp.net core web api application?

1 answers

solution1
 1 ACCPTED  2020-03-19 17:49:41

In the startup file you could do something similar to this:

ConfigureServices method


            // Configure JWT authentication
            var key = Encoding.UTF8.GetBytes(AppConfig.Secret);

            services.AddAuthentication(x =>
            {
                x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            }).AddJwtBearer(x =>
            {
                x.RequireHttpsMetadata = false;
                x.SaveToken = true;
                x.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
                {
                    ValidateIssuer = false,      //or true
                    ValidateAudience = false,    //or true
                    ValidateLifetime = true,
                    ValidateIssuerSigningKey = true,
                    //ValidIssuer = "somewhere.com",
                    //ValidAudience = "somewhere.com",
                    IssuerSigningKey = new SymmetricSecurityKey(key)
                };
            });

...and in the Configure method 

            app.UseAuthentication();

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question ASP.NET Core 3.1: Web API identity sign in Asp.net core 3.1 securing API and web app Global Exception Handler in ASP.NET Core Web API 3.1 Adding Security Headers to ASP.NET Core 3.1 Web Api Web API Request not processed Asp.net Core 3.1 and Axios Web.Api 2 and Asp.Net core in one solution What is the solution of this error in ASP.NET Core 6 ASP.Net Core 3.1 Web API (ApiController), EF Core 3.1 {The system cannot find the file specified.} ASP.NET Core 3.1 project that is referencing a .NET 4.7.2 project in the same solution error 'System.Web.Configuration.WebConfigurationManager' ASP.NET Core 3.1 web API (versioning) and Swagger UI fails due to MvcJsonOptions once published to Azure
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM