CODEWITHSUNDEEP
windowsauthenticationjwtasp.net-core-2.0
ktuominen
ktuominen

Reputation: 21

. Net core 2.0 windows and jwt authentication

Is it possible to implement windows and jwt authentication schemes in same project?

I need windows authentication to catch user without any login page and jwt to handle roles with any other page and wep api.

Upvotes: 2

Views: 729

Answers (1)

coolcake
coolcake

Reputation: 2967

Yes, you can add multiple Authentication schemes to your application. Refer to the following link

I finally got the both working. I didn't find anything solved example on internet, hopefully this would help anyone looking for answers.

            services.AddAuthentication(options =>
            {
                options.DefaultAuthenticateScheme = IISDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = "Bearer";
            }).AddJwtBearer("Bearer", options =>
            {
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateAudience = false,
                    //ValidAudience = "the audience you want to validate",
                    ValidateIssuer = false,
                    //ValidIssuer = "the isser you want to validate",

                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("myapisecretkey")),

                    ValidateLifetime = true, //validate the expiration and not before values in the token

                    ClockSkew = TimeSpan.FromMinutes(5) //5 minute tolerance for the expiration date
                };
            });

            services.AddAuthorization(auth =>
            {
                auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
                    .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme‌​)
                    .RequireClaim(ClaimTypes.Name, "MyAPIUser").Build());
            });

Then select the authentication scheme you want to use on particular controller by decorating it.

[Route("api/MyController")]
[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
public class MyController : Controller

Upvotes: 1

Related Questions