Want to do something like this:

    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(options =>
        {
            options.TokenValidationParameters = new TokenValidationParameters()
            {
                ValidateAudience = false,
                ValidateIssuer = false,
                ValidateIssuerSigningKey = false,
                ValidateLifetime = true,
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("private_key"))
            };
        })
        .AddMicrosoftIdentityWebApi(this.Configuration.GetSection("AzureAd"));

But it crashes. If I add a name for each scheme, then [Authorize] doesn't work.
How can I do something like this, and distinguish the [Authorize] methods on different controllers for either one or the other?
Thanks

For AAD, use [Authorize] on the controller.
For non-AAD, I use [Authorize(AuthenticationSchemes = "Other")].
Add the "Other" scheme name to the .AddJwtBearer one as displayed below.
Happy coding :)

    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer("Other", options =>
        {
            options.TokenValidationParameters = new TokenValidationParameters()
            {
                ValidateAudience = false,
                ValidateIssuer = false,
                ValidateIssuerSigningKey = false,
                ValidateLifetime = true,
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("private_key"))
            };
        })
        .AddMicrosoftIdentityWebApi(this.Configuration.GetSection("AzureAd"));

It's not enough just to add authentication; you need to configure a policy so both will be validated (in the official doc).

    services.AddAuthorization(options =>
    {
        var defaultAuthorizationPolicyBuilder = new AuthorizationPolicyBuilder(
            JwtBearerDefaults.AuthenticationScheme,
            "AzureAD");
        defaultAuthorizationPolicyBuilder =
            defaultAuthorizationPolicyBuilder.RequireAuthenticatedUser();
        options.DefaultPolicy = defaultAuthorizationPolicyBuilder.Build();
    });
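
Added example, not part of either answer above: both handlers registered under distinct scheme names, with one named authorization policy per scheme so that each controller accepts only its own kind of token. The scheme name "Other" comes from the first answer; the policy names, routes and the `Jwt:SigningKey` configuration key are assumptions, and the usual `UseAuthentication()` / `UseAuthorization()` pipeline is assumed.

```csharp
// Added example. Assumed names: "AadOnly", "OtherOnly", the routes, "Jwt:SigningKey".
using System;
using System.Text;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Identity.Web;
using Microsoft.IdentityModel.Tokens;

public class Startup
{
    public IConfiguration Configuration { get; }
    public Startup(IConfiguration configuration) => Configuration = configuration;

    public void ConfigureServices(IServiceCollection services)
    {
        // Read the symmetric key from configuration and fail at startup if it is missing.
        var key = Configuration["Jwt:SigningKey"]
            ?? throw new InvalidOperationException("Jwt:SigningKey is not configured");
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            // Explicit name, so this handler does not collide with the default "Bearer" scheme.
            .AddJwtBearer("Other", options => options.TokenValidationParameters = new TokenValidationParameters
            {
                // With issuer and audience checks off (as on the page), any unexpired
                // token signed with this key is accepted by the "Other" scheme.
                ValidateAudience = false,
                ValidateIssuer = false,
                ValidateLifetime = true,
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(key))
            })
            .AddMicrosoftIdentityWebApi(Configuration.GetSection("AzureAd")); // registers "Bearer"
        services.AddAuthorization(options =>
        {
            // One policy per scheme: each authenticates with exactly one handler.
            options.AddPolicy("AadOnly", p => p
                .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme).RequireAuthenticatedUser());
            options.AddPolicy("OtherOnly", p => p
                .AddAuthenticationSchemes("Other").RequireAuthenticatedUser());
        });
        services.AddControllers();
    }
}
[ApiController, Route("api/aad"), Authorize(Policy = "AadOnly")]
public class AadController : ControllerBase
{ [HttpGet] public IActionResult Get() => Ok(User.Identity?.Name); }
[ApiController, Route("api/other"), Authorize(Policy = "OtherOnly")]
public class OtherController : ControllerBase
{ [HttpGet] public IActionResult Get() => Ok(User.Identity?.Name); }
```

A policy named in `[Authorize(Policy = ...)]` is evaluated on its own rather than merged with the default policy, so each controller authenticates only with the scheme its policy lists.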