uzbekdev1/startup.cs

## startup.cs

//ConfigureServices

services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
	options.MetadataAddress = "https://{host}/auth/realms/{realm}/.well-known/openid-configuration";
	options.RequireHttpsMetadata = true;
	options.IncludeErrorDetails = true;
	options.SaveToken = true;
	options.TokenValidationParameters = new TokenValidationParameters
	{
		ValidateAudience = true,
		ValidAudiences = new[] { "account" },
		ValidateIssuer = true,
		ValidIssuers = new[] { "{client}" },
		ValidIssuer = "https://{host}/auth/realms",
		ValidateLifetime = true,
		ClockSkew = TimeSpan.Zero
	};
});
services.AddAuthorization();

services.AddCors(options =>
{
	options.AddPolicy("AllowAll", builder => builder.SetIsOriginAllowed(a => true).AllowAnyMethod().AllowAnyHeader().AllowCredentials());
});


//Configure
app.UseStaticFiles();
app.UseRouting();

app.UseCors("AllowAll");

app.UseAuthentication();
app.UseAuthorization();

	//ConfigureServices

	services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
	.AddJwtBearer(options =>
	{
	options.MetadataAddress = "https://{host}/auth/realms/{realm}/.well-known/openid-configuration";
	options.RequireHttpsMetadata = true;
	options.IncludeErrorDetails = true;
	options.SaveToken = true;
	options.TokenValidationParameters = new TokenValidationParameters
	{
	ValidateAudience = true,
	ValidAudiences = new[] { "account" },
	ValidateIssuer = true,
	ValidIssuers = new[] { "{client}" },
	ValidIssuer = "https://{host}/auth/realms",
	ValidateLifetime = true,
	ClockSkew = TimeSpan.Zero
	};
	});
	services.AddAuthorization();

	services.AddCors(options =>
	{
	options.AddPolicy("AllowAll", builder => builder.SetIsOriginAllowed(a => true).AllowAnyMethod().AllowAnyHeader().AllowCredentials());
	});



	//Configure
	app.UseStaticFiles();
	app.UseRouting();

	app.UseCors("AllowAll");

	app.UseAuthentication();
	app.UseAuthorization();