I am developing an AspNetCore 2 application that has web views along with an API (with the / api prefix), and I'm trying to authenticate web views with OpenIdConnect + cookies, while the prefix routes / api are authenticated using JWT tokens ( for mobile app compatibility).
So far, I have been able to register and configure cookies, OpenIdConnect and JWT middlewares using this code:
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie()
.AddOpenIdConnect(options => {
var optionsSetup = new OpenIdConnectOptionsSetup(b2cOptions);
optionsSetup.Configure(options);
});
services.AddAuthentication()
.AddJwtBearer(options => {
var optionsSetup = new JWTBearerOptionsSetup(b2cOptions);
optionsSetup.Configure(options);
});
Along with this line in the Configure method:
app.UseAuthentication();
OpenIdConnectOptionsSetup is taken from (with minor modifications) the aspnetcore AD B2C repositories.
JWTBearerOptionsSetup - AD B2C aspnetcore, JWT .
AJAX- /api OpenId AD, Cookie/OpenIdConnect . , make/api JWTBearer.
? - API?