Program.cs
using RemoteClaimTransformer.Auth;
using RemoteClaimTransformer.Services;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication;
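var builder = WebApplication.CreateBuilder(args);

// Service registrations: in-memory cache, HttpContext accessor, the claim
// lookup service, the claims transformation, and JWT bearer authentication.
builder.Services
    .AddMemoryCache()
    .AddHttpContextAccessor()
    .AddTransient<UserClaimService>()
    // NOTE(review): the transformation is a singleton while UserClaimService is
    // transient; if the transformation takes the service through its constructor,
    // that one instance lives for the whole process. Confirm this is intended.
    .AddSingleton<IClaimsTransformation, RemoteClaimsTransformation>()
    .AddAuthentication()
    .AddJwtBearer(options =>
    {
#if DEBUG
        // Debug-only convenience: accept any token without validating it.
        // Every check below is switched off and the signature validator returns
        // the parsed token unverified, so the caller fully controls the claims
        // of any request. `#if DEBUG` alone is a compile-time gate; a Debug
        // binary copied to a shared or production host would keep this bypass.
        // The runtime environment check makes that case fail closed instead.
        if (builder.Environment.IsDevelopment())
        {
            var validation = options.TokenValidationParameters;
            validation.ValidateActor = false;
            validation.ValidateAudience = false;
            validation.ValidateIssuer = false;
            validation.ValidateIssuerSigningKey = false;
            validation.ValidateLifetime = false;

            //Next preview version: options.TokenHandlers.Add(...)
            // Returns the token as parsed, with no signature verification at all.
            validation.SignatureValidator = (token, validationParams) => new JwtSecurityToken(token);
        }
#endif
        // NOTE(review): no authority, issuer or signing key is set in code, so
        // outside the debug path validation depends entirely on configuration
        // supplied elsewhere. Confirm that Release deployments provide it.
    });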
// MVC controllers and the authorization services. AddAuthorization is called
// without options, so no fallback policy is configured here: an endpoint is
// protected only when it asks for authorization itself.
builder.Services.AddControllers();
builder.Services.AddAuthorization();

var app = builder.Build();

// Routing and authentication are registered before authorization (below), so
// the authorization middleware runs with a matched endpoint and a principal.
app.UseRouting();
app.UseAuthentication();

// Minimal-API endpoint: returns the caller's identity name, and is reachable
// only when the principal carries the required permission claim.
app.MapGet("/grant-through-minimal-api", (ClaimsPrincipal user) => user!.Identity!.Name)
    .RequireAuthorization(policyBuilder =>
        policyBuilder.RequireClaim(Constants.PermissionClaimName, Constants.P1_Permission));

app.UseAuthorization();

// ASP0014 recommends top-level route registration; it is suppressed because
// controllers are deliberately mapped through UseEndpoints here.
#pragma warning disable ASP0014
app.UseEndpoints(endpoints => endpoints.MapControllers());
#pragma warning restore ASP0014

app.Run();