using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Threading.Tasks; using AlertWebAPI.Models; using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Hosting; using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Logging; using Microsoft.Extensions.Options; using Microsoft.IdentityModel.Tokens; namespace AlertWebAPI { public class Startup { public Startup(IConfiguration configuration) { Configuration = configuration; } public IConfiguration Configuration { get; } // This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddDbContext(opt => opt.UseInMemoryDatabase("AlertItems")); services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) //register authentication schema .AddJwtBearer(options => { options.TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = true, //validate the server that created that token ValidateAudience = true, //ensure that the recipient of the token is authorized to receive it ValidateLifetime = true, //check that the token is not expired and that the signing key of the issuer is valid ValidateIssuerSigningKey = true, //verify that the key used to sign the incoming token is part of a list of trusted keys ValidIssuer = Configuration["Jwt:Issuer"], // specify the value for the issuer ValidAudience = Configuration["Jwt:Issuer"], // specify the value for the audience IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["Jwt:Key"])) // specify the value for the signing key }; }); services.AddMvc(); } // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app) { app.UseAuthentication(); app.UseMvc(); } } }