fix: #3 Setup correct authentication scheme #15

Jay-Dee commented Aug 29, 2024

#3 Setup correct authentication scheme as per https://github.com/Identityerver/IdentityServer4.AccessTokenValidation/issues/72#issuecomment-329054417

Now correctly responds with 401 for unauthorized instead of 404

meysamhadeli (Owner) commented Sep 2, 2024

> #3 Setup correct authentication scheme as per https://github.com/Identityerver/IdentityServer4.AccessTokenValidation/issues/72#issuecomment-329054417
>
> Now correctly responds with 401 for unauthorized instead of 404

@Jay-Dee Thanks for the solution. It works completely. Please consider this small change.
But I have a suggestion: instead of passing the `AuthenticationSchemes = IdentityServerAuthenticationDefaults.AuthenticationScheme` value to the `Authorize` attribute, you can configure it globally in the `AddJwt` method like below, and it's cleaner.

```csharp
using BuildingBlocks.Utils;
using BuildingBlocks.Web;
using Duende.IdentityServer.Models;
using IdentityServer4.AccessTokenValidation;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Extensions.DependencyInjection;

namespace BuildingBlocks.Jwt;

public static class JwtExtensions
{
    public static IServiceCollection AddJwt(this IServiceCollection services)
    {
        // Bind the "Jwt" configuration section (Authority, Audience, ...).
        var jwtOptions = services.GetOptions<JwtBearerOptions>("Jwt");

        // Set the default, authenticate and challenge schemes once, globally,
        // so [Authorize] does not need AuthenticationSchemes on every use.
        services.AddAuthentication(options =>
            {
                options.DefaultScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
                options.DefaultAuthenticateScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options =>
            {
                options.Authority = jwtOptions.Authority;
                // The token's "aud" claim is not validated here.
                options.TokenValidationParameters.ValidateAudience = false;
            });

        // When an audience is configured, register a policy that requires
        // an authenticated user whose token carries that value as a scope.
        if (!string.IsNullOrEmpty(jwtOptions.Audience))
        {
            services.AddAuthorization(options =>
                options.AddPolicy(nameof(ApiScope), policy =>
                {
                    policy.RequireAuthenticatedUser();
                    policy.RequireClaim("scope", jwtOptions.Audience);
                })
            );
        }

        return services;
    }
}
```
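A regression check for the behaviour this PR reports (401 instead of 404 for an unauthenticated request), added here as an example; it is not code from this repository or from either participant. It assumes the `Microsoft.AspNetCore.Authentication.JwtBearer` and `Microsoft.AspNetCore.TestHost` packages, and the `/secure` endpoint and the authority URL are placeholders.

```csharp
// Added example: verify that an anonymous request to a protected endpoint is
// challenged by the bearer handler (401 + WWW-Authenticate: Bearer).
using System;
using System.Net;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.TestHost;
using Microsoft.Extensions.DependencyInjection;

var builder = WebApplication.CreateBuilder();
builder.WebHost.UseTestServer(); // in-memory server, no sockets opened

// Same shape as the AddJwt suggestion above: one scheme set globally.
builder.Services
    .AddAuthentication(options =>
    {
        options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
        options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    })
    .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options =>
    {
        // Placeholder authority; it is never contacted because the
        // request below carries no token to validate.
        options.Authority = "https://idp.example.invalid";
    });
builder.Services.AddAuthorization();

await using var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
app.MapGet("/secure", () => "ok").RequireAuthorization(); // hypothetical endpoint
await app.StartAsync();

using var client = app.GetTestClient();
using var response = await client.GetAsync("/secure"); // no Authorization header

if (response.StatusCode != HttpStatusCode.Unauthorized)
    throw new Exception($"Expected 401, got {(int)response.StatusCode}");

// The challenge must come from the bearer handler, not a redirecting scheme.
var challenge = response.Headers.WwwAuthenticate.ToString();
if (!challenge.StartsWith("Bearer", StringComparison.OrdinalIgnoreCase))
    throw new Exception($"Unexpected WWW-Authenticate header: '{challenge}'");

Console.WriteLine("Anonymous request was challenged by the bearer scheme.");
```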

Jay-Dee (Author) commented Sep 5, 2024

Hi, that makes sense. I have prepared the change but having issues with the testing. Will send a PR when ready

meysamhadeli (Owner) commented

> Hi, that makes sense. I have prepared the change but having issues with the testing. Will send a PR when ready

Ok. Thank You :)

@Jay-Dee Jay-Dee closed this Sep 18, 2024

meysamhadeli (Owner) commented

> Hi, that makes sense. I have prepared the change but having issues with the testing. Will send a PR when ready

Hi, is the problem with running the project not resolved?

@Jay-Dee Jay-Dee deleted the bugfix/setup-correct-authentication-scheme branch September 25, 2024 20:16