C#•2w ago

✅ Onion Architecture Authorization doesn't work

I got a presentation layer and api project i make the default scheme JwtBearer in api but when i try to access a authorized controller in presentation layer i got 404 because of the scheme i gotta make manually like this

[Authorize(AuthenticationSchemes =JwtBearerDefaults.AuthenticationScheme)]

[Authorize(AuthenticationSchemes =JwtBearerDefaults.AuthenticationScheme)]

I don't want to make every authorize attribute like this so how can i solve this problem

2 Replies

SalightOP•2w ago

public static void ConfigureJWT(this IServiceCollection services, IConfiguration
configuration)
{
    var jwtConfiguration = new JwtConfiguration();
    configuration.Bind(jwtConfiguration.Section, jwtConfiguration);
    var secretKey = Environment.GetEnvironmentVariable("SECRET");
    services.AddAuthentication(opt =>
    {
        opt.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        opt.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        opt.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
    })
    .AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidateAudience = true,
            ValidateLifetime = true,
            ValidateIssuerSigningKey = true,

            ValidIssuer = jwtConfiguration.ValidIssuer,
            ValidAudience = jwtConfiguration.ValidAudience,
            IssuerSigningKey = new
        SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey))
        };
    });
}

public static void ConfigureJWT(this IServiceCollection services, IConfiguration
configuration)
{
    var jwtConfiguration = new JwtConfiguration();
    configuration.Bind(jwtConfiguration.Section, jwtConfiguration);
    var secretKey = Environment.GetEnvironmentVariable("SECRET");
    services.AddAuthentication(opt =>
    {
        opt.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        opt.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        opt.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
    })
    .AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidateAudience = true,
            ValidateLifetime = true,
            ValidateIssuerSigningKey = true,

            ValidIssuer = jwtConfiguration.ValidIssuer,
            ValidAudience = jwtConfiguration.ValidAudience,
            IssuerSigningKey = new
        SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey))
        };
    });
}

my extension method

"JwtSettings": {
  "validIssuer": "https://localhost:5001",
  "validAudience": "https://localhost:5001",
  "expires": 5
}

"JwtSettings": {
  "validIssuer": "https://localhost:5001",
  "validAudience": "https://localhost:5001",
  "expires": 5
}

Unknown User•2w ago

Message Not Public

Gaming

Programming

✅ Onion Architecture Authorization doesn't work

Did you find this page helpful?