I use Firebase and the dotnet core in my application stack.
I am generating a JWT file using the Firebase iOS API, and I can confirm that the structure is as expected and valid using the jwt.io parser.
Customization
I followed this article to install the dotnet core to automatically set a principal based on a request.
The setup method of my boot file looks like when in practice the part <project-id>is replaced by the project application (which I can confirm, it is the same as the property audin my JWT parsing, as shown in jwt.io):
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
loggerFactory.AddSerilog();
app.UseJwtBearerAuthentication(new JwtBearerOptions
{
AutomaticAuthenticate = true,
IncludeErrorDetails = true,
Authority = "https://securetoken.google.com/<project-id>",
TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = "https://securetoken.google.com/<project-id>",
ValidateAudience = true,
ValidAudience = "<project-id>",
ValidateLifetime = true,
},
});
app.UseMvc();
}
Inquiry
, url http://localhost:5000/api/dashboard , Authorize . Authorize, JWT.
Postman, :
401 Unauthorized.
.
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
Request starting HTTP/1.1 GET http:
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request starting HTTP/1.1 GET http:
info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
Authorization failed for user: (null).
Microsoft.AspNetCore.Authorization.DefaultAuthorizationService:Information: Authorization failed for user: (null).
info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[1]
Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'.
Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:Information: Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'.
info: Microsoft.AspNetCore.Mvc.ChallengeResult[1]
Executing ChallengeResult with authentication schemes ().
Microsoft.AspNetCore.Mvc.ChallengeResult:Information: Executing ChallengeResult with authentication schemes ().
info: Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerMiddleware[12]
AuthenticationScheme: Bearer was challenged.
Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerMiddleware:Information: AuthenticationScheme: Bearer was challenged.
info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[2]
Executed action Sured.Api.Controllers.DashboardController.Get (Sured.Api) in 20.2369ms
Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker:Information: Executed action Sured.Api.Controllers.DashboardController.Get (Sured.Api) in 20.2369ms
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
Request finished in 37.6488ms 401
Google , .
- , ?
, :
<PackageReference Include="Microsoft.AspNetCore" Version="1.1.2" />
<PackageReference Include="Microsoft.AspNetCore.Mvc" Version="1.1.3" />
<PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="1.1.2" />
<PackageReference Include="Serilog" Version="2.5.0" />
<PackageReference Include="Serilog.Enrichers.Environment" Version="2.1.2" />
<PackageReference Include="Serilog.Extensions.Logging" Version="1.4.0" />
<PackageReference Include="Serilog.Settings.Configuration" Version="2.4.0" />
<PackageReference Include="Serilog.Sinks.ElasticSearch" Version="5.3.0" />
<PackageReference Include="Serilog.Sinks.RollingFile" Version="3.3.0" />
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="1.1.2" />