CODEWITHSUNDEEP
c#asp.net-mvcasp.net-coreasp.net-core-mvc
Scott Selby
Scott Selby

Reputation: 9570

JwtBearerAuthentication with ASP.Net 5

ever since this last update of RC1 I am not able to get my MVC app to be able to read and authenticate jwt Tokens. I used to have working code that looked like this in Startup.cs:

 public void Configuration(IAppBuilder app)
 {
    app.UseJwtBearerAuthentication(new MyJwtOptions());
    ...
 }

and then also had this:

public MyJwtOptions()
{
   var issuer = "https://issuer.com";
   var audience = "https://www.audience.com";
   var key = Convert.FromBase64String("secretKey");
            AllowedAudiences = new[] {audience};
            IssuerSecurityTokenProviders = new[] {new SymmetricKeyIssuerSecurityTokenProvider(issuer, key)};
}

the error come here:

app.UseJwtBearerAuthentication()

I searched all over trying to find why this is no longer compatable with DNX 4.5 and DNX Core 5.0. Intellisense tries to help me out and tells me

"You must add reference to Microsoft.AspNet.Http.Abstractions"

doing that does not help at all . I have found other answers that suggest to add reference to Microsoft.AspNet.Authentication.OAuthBearer , also no luck there.

I found another answer that suggests trying it like this:

services.Configure<OAuthBearerAuthenticationOptions>(bearer =>
{
    bearer.TokenValidationParameters.IssuerSigningKey = key;
    bearer.TokenValidationParameters.ValidAudience = TokenAudience;
    bearer.TokenValidationParameters.ValidIssuer = TokenIssuer;
});

the problem with that is I don't know how to create a SecureKey for the IssuerSigningKey

Has anybody else successfully gotten this working with the newest version of Asp.net 5 fc1-final ?

Update

Just about every example I find is for apps that are creating and validating the jwt tokens on their own. In my case I'm using Thinktecture server to validate the tokens. That is why I need audience and issuer and why I am a little lost trying to create the RsaKey. Because the key can't just be something I create locally in an XML file, it needs to be authenticated as a trusted app on the Thinktecture server

Upvotes: 2

Views: 1529

Answers (2)

Scott Selby
Scott Selby

Reputation: 9570

There is no solution to my question in the rc-1 release. From posting another question on here I learned that this has been resolved with the rs-2 update.

If you need rs-2 update before the offical release in Feburary of '16 you can run dvnm update -u to get the latest nightly builds of rc-2

Upvotes: 1

Tratcher
Tratcher

Reputation: 6074

Microsoft.AspNet.Authentication.OAuthBearer was renamed to JwtBearer. https://github.com/aspnet/Announcements/issues/87

Upvotes: 1

Related Questions