Skip to content

Instantly share code, notes, and snippets.

@siacomuzzi

siacomuzzi/gist:1832edeb905a9582a7dd

Last active September 19, 2017 09:43
Show Gist options
  • Star 4 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save siacomuzzi/1832edeb905a9582a7dd to your computer and use it in GitHub Desktop.
Save siacomuzzi/1832edeb905a9582a7dd to your computer and use it in GitHub Desktop.
Download ZIP
[AUTH0] Using Microsoft.Owin.Security.Jwt authentication middleware with ASP.NET 5.0 (ASP.NET MVC 6)
Raw
gistfile1.md

project.json

{
  // ...
  "dependencies": {
    "Microsoft.AspNet.Server.IIS": "1.0.0-beta1",
    "Microsoft.AspNet.Mvc": "6.0.0-beta1",
    "Microsoft.AspNet.Owin": "1.0.0-beta1",
    "Microsoft.Owin": "3.0.0",
    "Microsoft.Owin.Security": "3.0.0",
    "Microsoft.Owin.Security.Jwt": "3.0.0-rc2"
  },
  "frameworks" : {
    "aspnet50" : { }
  }
}

Startup class

using Microsoft.AspNet.Builder;
using Microsoft.Framework.DependencyInjection;
using Microsoft.Owin.Builder;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.DataHandler.Encoder;
using Microsoft.Owin.Security.Jwt;
using Owin;
using System;
using System.Collections.Generic;
using System.Threading.Tasks;

namespace TodoApi
{
  using AppFunc = Func<IDictionary<string, object>, Task>;

  public class Startup
  {
    public void ConfigureServices(IServiceCollection services)
    {
      services.AddMvc();
    }

    public void Configure(IApplicationBuilder app)
    {
      app.UseOwin(addToPipeline =>
      {
        addToPipeline(next =>
        {
          var appBuilder = new AppBuilder();
          appBuilder.Properties["builder.DefaultApp"] = next;

          var issuer = "https://{YOU}.auth0.com/";
          var audience = "{YOUR_AUTH0_CLIENT_ID}";
          var secret = TextEncodings.Base64Url.Decode(
            "{YOUR_AUTH0_CLIENT_SECRET}");
          
          appBuilder.UseJwtBearerAuthentication(
              new JwtBearerAuthenticationOptions
              {
                AuthenticationMode = AuthenticationMode.Active,
                AllowedAudiences = new[] { audience },
                IssuerSecurityTokenProviders = new IIssuerSecurityTokenProvider[]
                {
                  new SymmetricKeyIssuerSecurityTokenProvider(issuer, secret)
                },
              });

          return appBuilder.Build<AppFunc>();
        });
      });

      app.UseMvc();
    }
  }
}

Download sample

@scottselby
Copy link

This example is no longer compatable with DNX 4.5.1 or DNX Core 5.0 , is there any example I could follow that supports the new frameworks?

@sendittokeith
Copy link

I have the same question. I used JwtSecurityTokenHandler in the last version but this requires 4.0 System.IdentityModel which is not compat.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment