JwtBearerAuthentication

TreF01L · 2024-05-03T18:08:35.718Z

Guys, I'm so damn tired. I can't figure out why my code isn't working, been sitting with it for 12 hours now. I want to create a jwtBearerAuthentication and use it with SwaggerGen(). However, I don't get a header with the Bearer token in the request when I use Swagger (no errors), and when I use Postman to validate this request, I get an authorization header, but the HttpContext.User.Claims will be null. There are no errors and that puts me in a quandary.

K

Keswiik•5/3/24, 6:21 PM

$code

KKeswiik $code

M

MODiX•5/3/24, 6:21 PM

To post C# code type the following:
```cs
// code here
```

Get an example by typing

$codegif

$codegif

in chat

For longer snippets, use: https://paste.mod.gg/

T

TreF01LOP•5/3/24, 6:49 PM

namespace MailBridgeSupport.API;

using System.Text;
using MailBridgeSupport.Application.Services;
using MailBridgeSupport.DataAccess.SqlServer;
using MailBridgeSupport.DataAccess.SqlServer.Entities;
using MailBridgeSupport.DataAccess.SqlServer.Repositories;
using MailBridgeSupport.Domain.Interfaces;
using MailBridgeSupport.Domain.Interfaces.Application;
using MailBridgeSupport.Domain.Interfaces.DataAccess;
using MailBridgeSupport.Domain.Interfaces.Infrastructure;
using MailBridgeSupport.Domain.Options;
using MailBridgeSupport.Infrastructure.Services;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using Swashbuckle.AspNetCore.Filters;

public class Program
{
    public static void Main(string[] args)
    {
        var builder = WebApplication.CreateBuilder(args);

        builder.Services.Configure<JWTSecretOptions>(
            builder.Configuration.GetSection(JWTSecretOptions.JWTSecret));
        builder.Services.Configure<SmtpOptions>(
            builder.Configuration.GetSection(SmtpOptions.Smtp));
        builder.Services.Configure<ImapOptions>(
            builder.Configuration.GetSection(ImapOptions.Imap));

        builder.Services.AddControllers();
        builder.Services.AddEndpointsApiExplorer();
        builder.Services.AddHttpContextAccessor();

        builder.Services.AddAuthentication().AddJwtBearer(options =>
        {
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuer = false,
                ValidateAudience = false,
                ValidateLifetime = true,
                ValidateIssuerSigningKey = true,
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration.GetSection("JWTSecret:Secret").Value!)),
            };
        });

        builder.Services.AddAuthorization();

        builder.Services.AddDetection();

namespace MailBridgeSupport.API;

using System.Text;
using MailBridgeSupport.Application.Services;
using MailBridgeSupport.DataAccess.SqlServer;
using MailBridgeSupport.DataAccess.SqlServer.Entities;
using MailBridgeSupport.DataAccess.SqlServer.Repositories;
using MailBridgeSupport.Domain.Interfaces;
using MailBridgeSupport.Domain.Interfaces.Application;
using MailBridgeSupport.Domain.Interfaces.DataAccess;
using MailBridgeSupport.Domain.Interfaces.Infrastructure;
using MailBridgeSupport.Domain.Options;
using MailBridgeSupport.Infrastructure.Services;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using Swashbuckle.AspNetCore.Filters;

public class Program
{
    public static void Main(string[] args)
    {
        var builder = WebApplication.CreateBuilder(args);

        builder.Services.Configure<JWTSecretOptions>(
            builder.Configuration.GetSection(JWTSecretOptions.JWTSecret));
        builder.Services.Configure<SmtpOptions>(
            builder.Configuration.GetSection(SmtpOptions.Smtp));
        builder.Services.Configure<ImapOptions>(
            builder.Configuration.GetSection(ImapOptions.Imap));

        builder.Services.AddControllers();
        builder.Services.AddEndpointsApiExplorer();
        builder.Services.AddHttpContextAccessor();

        builder.Services.AddAuthentication().AddJwtBearer(options =>
        {
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuer = false,
                ValidateAudience = false,
                ValidateLifetime = true,
                ValidateIssuerSigningKey = true,
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration.GetSection("JWTSecret:Secret").Value!)),
            };
        });

        builder.Services.AddAuthorization();

        builder.Services.AddDetection();

namespace MailBridgeSupport.API;

using System.Text;
using MailBridgeSupport.Application.Services;
using MailBridgeSupport.DataAccess.SqlServer;
using MailBridgeSupport.DataAccess.SqlServer.Entities;
using MailBridgeSupport.DataAccess.SqlServer.Repositories;
using MailBridgeSupport.Domain.Interfaces;
using MailBridgeSupport.Domain.Interfaces.Application;
using MailBridgeSupport.Domain.Interfaces.DataAccess;
using MailBridgeSupport.Domain.Interfaces.Infrastructure;
using MailBridgeSupport.Domain.Options;
using MailBridgeSupport.Infrastructure.Services;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using Swashbuckle.AspNetCore.Filters;

public class Program
{
    public static void Main(string[] args)
    {
        var builder = WebApplication.CreateBuilder(args);

        builder.Services.Configure<JWTSecretOptions>(
            builder.Configuration.GetSection(JWTSecretOptions.JWTSecret));
        builder.Services.Configure<SmtpOptions>(
            builder.Configuration.GetSection(SmtpOptions.Smtp));
        builder.Services.Configure<ImapOptions>(
            builder.Configuration.GetSection(ImapOptions.Imap));

        builder.Services.AddControllers();
        builder.Services.AddEndpointsApiExplorer();
        builder.Services.AddHttpContextAccessor();

        builder.Services.AddAuthentication().AddJwtBearer(options =>
        {
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuer = false,
                ValidateAudience = false,
                ValidateLifetime = true,
                ValidateIssuerSigningKey = true,
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration.GetSection("JWTSecret:Secret").Value!)),
            };
        });

        builder.Services.AddAuthorization();

        builder.Services.AddDetection();

namespace MailBridgeSupport.API;

using System.Text;
using MailBridgeSupport.Application.Services;
using MailBridgeSupport.DataAccess.SqlServer;
using MailBridgeSupport.DataAccess.SqlServer.Entities;
using MailBridgeSupport.DataAccess.SqlServer.Repositories;
using MailBridgeSupport.Domain.Interfaces;
using MailBridgeSupport.Domain.Interfaces.Application;
using MailBridgeSupport.Domain.Interfaces.DataAccess;
using MailBridgeSupport.Domain.Interfaces.Infrastructure;
using MailBridgeSupport.Domain.Options;
using MailBridgeSupport.Infrastructure.Services;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using Swashbuckle.AspNetCore.Filters;

public class Program
{
    public static void Main(string[] args)
    {
        var builder = WebApplication.CreateBuilder(args);

        builder.Services.Configure<JWTSecretOptions>(
            builder.Configuration.GetSection(JWTSecretOptions.JWTSecret));
        builder.Services.Configure<SmtpOptions>(
            builder.Configuration.GetSection(SmtpOptions.Smtp));
        builder.Services.Configure<ImapOptions>(
            builder.Configuration.GetSection(ImapOptions.Imap));

        builder.Services.AddControllers();
        builder.Services.AddEndpointsApiExplorer();
        builder.Services.AddHttpContextAccessor();

        builder.Services.AddAuthentication().AddJwtBearer(options =>
        {
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuer = false,
                ValidateAudience = false,
                ValidateLifetime = true,
                ValidateIssuerSigningKey = true,
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration.GetSection("JWTSecret:Secret").Value!)),
            };
        });

        builder.Services.AddAuthorization();

        builder.Services.AddDetection();

T

TreF01LOP•5/3/24, 6:50 PM

        builder.Services.AddScoped<IImapService, ImapService>();
        builder.Services.AddScoped<ISmtpService, SmtpService>();
        builder.Services.AddScoped<ISentMessagesRepository, SentMessagesRepository>();
        builder.Services.AddScoped<ISessionsRepository, SessionsRepository>();
        builder.Services.AddScoped<IUsersRepository, UsersRepository>();
        builder.Services.AddScoped<IClientMessagesService, ClientMessagesService>();
        builder.Services.AddScoped<IModeratorsService, ModeratorsService>();
        builder.Services.AddScoped<ISentMessagesService, SentMessagesService>();
        builder.Services.AddScoped<ISystemAdminsService, SystemAdminsService>();

        builder.Services
            .AddIdentityCore<UserEntity>()
            .AddRoles<IdentityRole<Guid>>()
            .AddEntityFrameworkStores<MailBridgeSupportDbContext>();

        builder.Services.AddAutoMapper(config =>
        {
            config.AddProfile<ApiMappingProfile>();
            config.AddProfile<DataAccessMappingProfile>();
        });

        builder.Services.AddSwaggerGen(options =>
        {
            options.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme
            {
                In = ParameterLocation.Header,
                Name = "Authorization",
                Type = SecuritySchemeType.ApiKey
            });

            options.OperationFilter<SecurityRequirementsOperationFilter>();
        });

        builder.Services.AddScoped<IImapService, ImapService>();
        builder.Services.AddScoped<ISmtpService, SmtpService>();
        builder.Services.AddScoped<ISentMessagesRepository, SentMessagesRepository>();
        builder.Services.AddScoped<ISessionsRepository, SessionsRepository>();
        builder.Services.AddScoped<IUsersRepository, UsersRepository>();
        builder.Services.AddScoped<IClientMessagesService, ClientMessagesService>();
        builder.Services.AddScoped<IModeratorsService, ModeratorsService>();
        builder.Services.AddScoped<ISentMessagesService, SentMessagesService>();
        builder.Services.AddScoped<ISystemAdminsService, SystemAdminsService>();

        builder.Services
            .AddIdentityCore<UserEntity>()
            .AddRoles<IdentityRole<Guid>>()
            .AddEntityFrameworkStores<MailBridgeSupportDbContext>();

        builder.Services.AddAutoMapper(config =>
        {
            config.AddProfile<ApiMappingProfile>();
            config.AddProfile<DataAccessMappingProfile>();
        });

        builder.Services.AddSwaggerGen(options =>
        {
            options.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme
            {
                In = ParameterLocation.Header,
                Name = "Authorization",
                Type = SecuritySchemeType.ApiKey
            });

            options.OperationFilter<SecurityRequirementsOperationFilter>();
        });

        builder.Services.AddScoped<IImapService, ImapService>();
        builder.Services.AddScoped<ISmtpService, SmtpService>();
        builder.Services.AddScoped<ISentMessagesRepository, SentMessagesRepository>();
        builder.Services.AddScoped<ISessionsRepository, SessionsRepository>();
        builder.Services.AddScoped<IUsersRepository, UsersRepository>();
        builder.Services.AddScoped<IClientMessagesService, ClientMessagesService>();
        builder.Services.AddScoped<IModeratorsService, ModeratorsService>();
        builder.Services.AddScoped<ISentMessagesService, SentMessagesService>();
        builder.Services.AddScoped<ISystemAdminsService, SystemAdminsService>();

        builder.Services
            .AddIdentityCore<UserEntity>()
            .AddRoles<IdentityRole<Guid>>()
            .AddEntityFrameworkStores<MailBridgeSupportDbContext>();

        builder.Services.AddAutoMapper(config =>
        {
            config.AddProfile<ApiMappingProfile>();
            config.AddProfile<DataAccessMappingProfile>();
        });

        builder.Services.AddSwaggerGen(options =>
        {
            options.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme
            {
                In = ParameterLocation.Header,
                Name = "Authorization",
                Type = SecuritySchemeType.ApiKey
            });

            options.OperationFilter<SecurityRequirementsOperationFilter>();
        });

        builder.Services.AddScoped<IImapService, ImapService>();
        builder.Services.AddScoped<ISmtpService, SmtpService>();
        builder.Services.AddScoped<ISentMessagesRepository, SentMessagesRepository>();
        builder.Services.AddScoped<ISessionsRepository, SessionsRepository>();
        builder.Services.AddScoped<IUsersRepository, UsersRepository>();
        builder.Services.AddScoped<IClientMessagesService, ClientMessagesService>();
        builder.Services.AddScoped<IModeratorsService, ModeratorsService>();
        builder.Services.AddScoped<ISentMessagesService, SentMessagesService>();
        builder.Services.AddScoped<ISystemAdminsService, SystemAdminsService>();

        builder.Services
            .AddIdentityCore<UserEntity>()
            .AddRoles<IdentityRole<Guid>>()
            .AddEntityFrameworkStores<MailBridgeSupportDbContext>();

        builder.Services.AddAutoMapper(config =>
        {
            config.AddProfile<ApiMappingProfile>();
            config.AddProfile<DataAccessMappingProfile>();
        });

        builder.Services.AddSwaggerGen(options =>
        {
            options.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme
            {
                In = ParameterLocation.Header,
                Name = "Authorization",
                Type = SecuritySchemeType.ApiKey
            });

            options.OperationFilter<SecurityRequirementsOperationFilter>();
        });

T

TreF01LOP•5/3/24, 6:50 PM

        builder.Services.AddCors(options =>
        {
            options.AddPolicy("Any", corsPolicyBuilder =>
            {
                corsPolicyBuilder
                    .WithOrigins(new[] { "http://localhost:5173", "https://localhost:5173", "http://localhost:5174" })
                    .AllowAnyHeader()
                    .AllowAnyMethod()
                    .AllowCredentials();
            });
        });

        builder.Services.AddDbContext<MailBridgeSupportDbContext>(options =>
            options.UseSqlServer(
                builder.Configuration.GetConnectionString("MailBridgeSupportDbContext"),
                x => x.MigrationsAssembly("MailBridgeSupport.DataAccess.SqlServer")));

        var app = builder.Build();

        if (app.Environment.IsDevelopment())
        {
            app.UseSwagger();
            app.UseSwaggerUI();
        }


        app.UseHttpsRedirection();

        app.UseAuthentication();
        app.UseAuthorization();

        app.UseCors("Any");

        app.MapControllers();

        app.Run();
    }
}

        builder.Services.AddCors(options =>
        {
            options.AddPolicy("Any", corsPolicyBuilder =>
            {
                corsPolicyBuilder
                    .WithOrigins(new[] { "http://localhost:5173", "https://localhost:5173", "http://localhost:5174" })
                    .AllowAnyHeader()
                    .AllowAnyMethod()
                    .AllowCredentials();
            });
        });

        builder.Services.AddDbContext<MailBridgeSupportDbContext>(options =>
            options.UseSqlServer(
                builder.Configuration.GetConnectionString("MailBridgeSupportDbContext"),
                x => x.MigrationsAssembly("MailBridgeSupport.DataAccess.SqlServer")));

        var app = builder.Build();

        if (app.Environment.IsDevelopment())
        {
            app.UseSwagger();
            app.UseSwaggerUI();
        }


        app.UseHttpsRedirection();

        app.UseAuthentication();
        app.UseAuthorization();

        app.UseCors("Any");

        app.MapControllers();

        app.Run();
    }
}

        builder.Services.AddCors(options =>
        {
            options.AddPolicy("Any", corsPolicyBuilder =>
            {
                corsPolicyBuilder
                    .WithOrigins(new[] { "http://localhost:5173", "https://localhost:5173", "http://localhost:5174" })
                    .AllowAnyHeader()
                    .AllowAnyMethod()
                    .AllowCredentials();
            });
        });

        builder.Services.AddDbContext<MailBridgeSupportDbContext>(options =>
            options.UseSqlServer(
                builder.Configuration.GetConnectionString("MailBridgeSupportDbContext"),
                x => x.MigrationsAssembly("MailBridgeSupport.DataAccess.SqlServer")));

        var app = builder.Build();

        if (app.Environment.IsDevelopment())
        {
            app.UseSwagger();
            app.UseSwaggerUI();
        }


        app.UseHttpsRedirection();

        app.UseAuthentication();
        app.UseAuthorization();

        app.UseCors("Any");

        app.MapControllers();

        app.Run();
    }
}

        builder.Services.AddCors(options =>
        {
            options.AddPolicy("Any", corsPolicyBuilder =>
            {
                corsPolicyBuilder
                    .WithOrigins(new[] { "http://localhost:5173", "https://localhost:5173", "http://localhost:5174" })
                    .AllowAnyHeader()
                    .AllowAnyMethod()
                    .AllowCredentials();
            });
        });

        builder.Services.AddDbContext<MailBridgeSupportDbContext>(options =>
            options.UseSqlServer(
                builder.Configuration.GetConnectionString("MailBridgeSupportDbContext"),
                x => x.MigrationsAssembly("MailBridgeSupport.DataAccess.SqlServer")));

        var app = builder.Build();

        if (app.Environment.IsDevelopment())
        {
            app.UseSwagger();
            app.UseSwaggerUI();
        }


        app.UseHttpsRedirection();

        app.UseAuthentication();
        app.UseAuthorization();

        app.UseCors("Any");

        app.MapControllers();

        app.Run();
    }
}

KKeswiik $code

T

TreF01LOP•5/3/24, 6:51 PM

.

K

Keswiik•5/3/24, 6:52 PM

You may need to configure your authentication

K

Keswiik•5/3/24, 6:52 PM

something like

K

Keswiik•5/3/24, 6:53 PM

services.AddAuthentication(options => {
    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
})

services.AddAuthentication(options => {
    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
})

services.AddAuthentication(options => {
    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
})

services.AddAuthentication(options => {
    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
})

T

TreF01LOP•5/3/24, 6:53 PM

T

TreF01LOP•5/3/24, 6:54 PM

It's not going to work?

K

Keswiik•5/3/24, 6:54 PM

what?

TTreF01L Click to see attachment

T

TreF01LOP•5/3/24, 6:55 PM

I added service with Authentication here

T

TreF01LOP•5/3/24, 6:55 PM

with using JwtBearer

K

Keswiik•5/3/24, 6:55 PM

and that isn't doing what the snippet I linked shows

T

TreF01LOP•5/3/24, 6:56 PM

T

TreF01LOP•5/3/24, 6:56 PM

something like that?

K

Keswiik•5/3/24, 6:57 PM

give it a try and see what happens

T

TreF01LOP•5/3/24, 6:59 PM

Bearer header exists but HttpContext.User.Claims is null

K

Keswiik•5/3/24, 6:59 PM

Well, how are you generating your tokens?

T

TreF01LOP•5/3/24, 7:00 PM

public static string CreateAccessToken(UserInformation information, JWTSecretOptions options)
        {
            var accsessToken = JwtBuilder.Create()
                      .WithAlgorithm(new HMACSHA256Algorithm())
                      .WithSecret(options.Secret)
                      .ExpirationTime(DateTimeOffset.UtcNow.AddMinutes(10).ToUnixTimeSeconds())
                      .AddClaim(ClaimTypes.Name, information.Nickname)
                      .AddClaim(ClaimTypes.NameIdentifier, information.UserId)
                      .AddClaim(ClaimTypes.Role, information.Role)
                      .WithVerifySignature(true)
                      .Encode();

            return accsessToken;
        }

        public static string CreateRefreshToken(UserInformation information, JWTSecretOptions options)
        {
            var refreshToken = JwtBuilder.Create()
                    .WithAlgorithm(new HMACSHA256Algorithm())
                    .WithSecret(options.Secret)
                    .ExpirationTime(DateTimeOffset.UtcNow.AddMonths(1).ToUnixTimeSeconds())
                    .AddClaim(ClaimTypes.Name, information.Nickname)
                    .AddClaim(ClaimTypes.NameIdentifier, information.UserId)
                    .AddClaim(ClaimTypes.Role, information.Role)
                    .WithVerifySignature(true)
                    .Encode();

            return refreshToken;
        }

public static string CreateAccessToken(UserInformation information, JWTSecretOptions options)
        {
            var accsessToken = JwtBuilder.Create()
                      .WithAlgorithm(new HMACSHA256Algorithm())
                      .WithSecret(options.Secret)
                      .ExpirationTime(DateTimeOffset.UtcNow.AddMinutes(10).ToUnixTimeSeconds())
                      .AddClaim(ClaimTypes.Name, information.Nickname)
                      .AddClaim(ClaimTypes.NameIdentifier, information.UserId)
                      .AddClaim(ClaimTypes.Role, information.Role)
                      .WithVerifySignature(true)
                      .Encode();

            return accsessToken;
        }

        public static string CreateRefreshToken(UserInformation information, JWTSecretOptions options)
        {
            var refreshToken = JwtBuilder.Create()
                    .WithAlgorithm(new HMACSHA256Algorithm())
                    .WithSecret(options.Secret)
                    .ExpirationTime(DateTimeOffset.UtcNow.AddMonths(1).ToUnixTimeSeconds())
                    .AddClaim(ClaimTypes.Name, information.Nickname)
                    .AddClaim(ClaimTypes.NameIdentifier, information.UserId)
                    .AddClaim(ClaimTypes.Role, information.Role)
                    .WithVerifySignature(true)
                    .Encode();

            return refreshToken;
        }

public static string CreateAccessToken(UserInformation information, JWTSecretOptions options)
        {
            var accsessToken = JwtBuilder.Create()
                      .WithAlgorithm(new HMACSHA256Algorithm())
                      .WithSecret(options.Secret)
                      .ExpirationTime(DateTimeOffset.UtcNow.AddMinutes(10).ToUnixTimeSeconds())
                      .AddClaim(ClaimTypes.Name, information.Nickname)
                      .AddClaim(ClaimTypes.NameIdentifier, information.UserId)
                      .AddClaim(ClaimTypes.Role, information.Role)
                      .WithVerifySignature(true)
                      .Encode();

            return accsessToken;
        }

        public static string CreateRefreshToken(UserInformation information, JWTSecretOptions options)
        {
            var refreshToken = JwtBuilder.Create()
                    .WithAlgorithm(new HMACSHA256Algorithm())
                    .WithSecret(options.Secret)
                    .ExpirationTime(DateTimeOffset.UtcNow.AddMonths(1).ToUnixTimeSeconds())
                    .AddClaim(ClaimTypes.Name, information.Nickname)
                    .AddClaim(ClaimTypes.NameIdentifier, information.UserId)
                    .AddClaim(ClaimTypes.Role, information.Role)
                    .WithVerifySignature(true)
                    .Encode();

            return refreshToken;
        }

public static string CreateAccessToken(UserInformation information, JWTSecretOptions options)
        {
            var accsessToken = JwtBuilder.Create()
                      .WithAlgorithm(new HMACSHA256Algorithm())
                      .WithSecret(options.Secret)
                      .ExpirationTime(DateTimeOffset.UtcNow.AddMinutes(10).ToUnixTimeSeconds())
                      .AddClaim(ClaimTypes.Name, information.Nickname)
                      .AddClaim(ClaimTypes.NameIdentifier, information.UserId)
                      .AddClaim(ClaimTypes.Role, information.Role)
                      .WithVerifySignature(true)
                      .Encode();

            return accsessToken;
        }

        public static string CreateRefreshToken(UserInformation information, JWTSecretOptions options)
        {
            var refreshToken = JwtBuilder.Create()
                    .WithAlgorithm(new HMACSHA256Algorithm())
                    .WithSecret(options.Secret)
                    .ExpirationTime(DateTimeOffset.UtcNow.AddMonths(1).ToUnixTimeSeconds())
                    .AddClaim(ClaimTypes.Name, information.Nickname)
                    .AddClaim(ClaimTypes.NameIdentifier, information.UserId)
                    .AddClaim(ClaimTypes.Role, information.Role)
                    .WithVerifySignature(true)
                    .Encode();

            return refreshToken;
        }

T

TreF01LOP•5/3/24, 7:00 PM

T

TreF01LOP•5/3/24, 7:04 PM

I used User from IdentityUser with Guid maybe it influences in some way

KKeswiik Well, how are you generating your tokens?

T

TreF01LOP•5/3/24, 7:05 PM

what do you think about it?

K

Keswiik•5/3/24, 7:05 PM

What is JwtBuilder from? Don't recognize it

K

Keswiik•5/3/24, 7:05 PM

granted I could be using an older version of asp.net core

T

TreF01LOP•5/3/24, 7:06 PM

I'm using .net 8

KKeswiik What is JwtBuilder from? Don't recognize it

T

TreF01LOP•5/3/24, 7:07 PM

What do you mean?

T

TreF01LOP•5/3/24, 7:07 PM

I've written JwtHelper to generate this jwtTokens

T

TreF01LOP•5/3/24, 7:09 PM

using System.Security.Claims;
using CSharpFunctionalExtensions;
using JWT.Algorithms;
using JWT.Builder;
using MailBridgeSupport.Domain.Options;

namespace MailBridgeSupport.API;

public class JwtHelper
{
    public static string CreateAccessToken(UserInformation information, JWTSecretOptions options)
        {
            var accsessToken = JwtBuilder.Create()
                      .WithAlgorithm(new HMACSHA256Algorithm())
                      .WithSecret(options.Secret)
                      .ExpirationTime(DateTimeOffset.UtcNow.AddMinutes(10).ToUnixTimeSeconds())
                      .AddClaim(ClaimTypes.Name, information.Nickname)
                      .AddClaim(ClaimTypes.NameIdentifier, information.UserId)
                      .AddClaim(ClaimTypes.Role, information.Role)
                      .WithVerifySignature(true)
                      .Encode();

            return accsessToken;
        }

        public static string CreateRefreshToken(UserInformation information, JWTSecretOptions options)
        {
            var refreshToken = JwtBuilder.Create()
                    .WithAlgorithm(new HMACSHA256Algorithm())
                    .WithSecret(options.Secret)
                    .ExpirationTime(DateTimeOffset.UtcNow.AddMonths(1).ToUnixTimeSeconds())
                    .AddClaim(ClaimTypes.Name, information.Nickname)
                    .AddClaim(ClaimTypes.NameIdentifier, information.UserId)
                    .AddClaim(ClaimTypes.Role, information.Role)
                    .WithVerifySignature(true)
                    .Encode();

            return refreshToken;
        }

using System.Security.Claims;
using CSharpFunctionalExtensions;
using JWT.Algorithms;
using JWT.Builder;
using MailBridgeSupport.Domain.Options;

namespace MailBridgeSupport.API;

public class JwtHelper
{
    public static string CreateAccessToken(UserInformation information, JWTSecretOptions options)
        {
            var accsessToken = JwtBuilder.Create()
                      .WithAlgorithm(new HMACSHA256Algorithm())
                      .WithSecret(options.Secret)
                      .ExpirationTime(DateTimeOffset.UtcNow.AddMinutes(10).ToUnixTimeSeconds())
                      .AddClaim(ClaimTypes.Name, information.Nickname)
                      .AddClaim(ClaimTypes.NameIdentifier, information.UserId)
                      .AddClaim(ClaimTypes.Role, information.Role)
                      .WithVerifySignature(true)
                      .Encode();

            return accsessToken;
        }

        public static string CreateRefreshToken(UserInformation information, JWTSecretOptions options)
        {
            var refreshToken = JwtBuilder.Create()
                    .WithAlgorithm(new HMACSHA256Algorithm())
                    .WithSecret(options.Secret)
                    .ExpirationTime(DateTimeOffset.UtcNow.AddMonths(1).ToUnixTimeSeconds())
                    .AddClaim(ClaimTypes.Name, information.Nickname)
                    .AddClaim(ClaimTypes.NameIdentifier, information.UserId)
                    .AddClaim(ClaimTypes.Role, information.Role)
                    .WithVerifySignature(true)
                    .Encode();

            return refreshToken;
        }

using System.Security.Claims;
using CSharpFunctionalExtensions;
using JWT.Algorithms;
using JWT.Builder;
using MailBridgeSupport.Domain.Options;

namespace MailBridgeSupport.API;

public class JwtHelper
{
    public static string CreateAccessToken(UserInformation information, JWTSecretOptions options)
        {
            var accsessToken = JwtBuilder.Create()
                      .WithAlgorithm(new HMACSHA256Algorithm())
                      .WithSecret(options.Secret)
                      .ExpirationTime(DateTimeOffset.UtcNow.AddMinutes(10).ToUnixTimeSeconds())
                      .AddClaim(ClaimTypes.Name, information.Nickname)
                      .AddClaim(ClaimTypes.NameIdentifier, information.UserId)
                      .AddClaim(ClaimTypes.Role, information.Role)
                      .WithVerifySignature(true)
                      .Encode();

            return accsessToken;
        }

        public static string CreateRefreshToken(UserInformation information, JWTSecretOptions options)
        {
            var refreshToken = JwtBuilder.Create()
                    .WithAlgorithm(new HMACSHA256Algorithm())
                    .WithSecret(options.Secret)
                    .ExpirationTime(DateTimeOffset.UtcNow.AddMonths(1).ToUnixTimeSeconds())
                    .AddClaim(ClaimTypes.Name, information.Nickname)
                    .AddClaim(ClaimTypes.NameIdentifier, information.UserId)
                    .AddClaim(ClaimTypes.Role, information.Role)
                    .WithVerifySignature(true)
                    .Encode();

            return refreshToken;
        }

using System.Security.Claims;
using CSharpFunctionalExtensions;
using JWT.Algorithms;
using JWT.Builder;
using MailBridgeSupport.Domain.Options;

namespace MailBridgeSupport.API;

public class JwtHelper
{
    public static string CreateAccessToken(UserInformation information, JWTSecretOptions options)
        {
            var accsessToken = JwtBuilder.Create()
                      .WithAlgorithm(new HMACSHA256Algorithm())
                      .WithSecret(options.Secret)
                      .ExpirationTime(DateTimeOffset.UtcNow.AddMinutes(10).ToUnixTimeSeconds())
                      .AddClaim(ClaimTypes.Name, information.Nickname)
                      .AddClaim(ClaimTypes.NameIdentifier, information.UserId)
                      .AddClaim(ClaimTypes.Role, information.Role)
                      .WithVerifySignature(true)
                      .Encode();

            return accsessToken;
        }

        public static string CreateRefreshToken(UserInformation information, JWTSecretOptions options)
        {
            var refreshToken = JwtBuilder.Create()
                    .WithAlgorithm(new HMACSHA256Algorithm())
                    .WithSecret(options.Secret)
                    .ExpirationTime(DateTimeOffset.UtcNow.AddMonths(1).ToUnixTimeSeconds())
                    .AddClaim(ClaimTypes.Name, information.Nickname)
                    .AddClaim(ClaimTypes.NameIdentifier, information.UserId)
                    .AddClaim(ClaimTypes.Role, information.Role)
                    .WithVerifySignature(true)
                    .Encode();

            return refreshToken;
        }

T

TreF01LOP•5/3/24, 7:09 PM

public static Result<UserInformation> GetPayloadFromJWTTokenV2(string token, JWTSecretOptions options)
        {
            var payload = JwtBuilder.Create()
                        .WithAlgorithm(new HMACSHA256Algorithm())
                        .WithSecret(options.Secret)
                        .MustVerifySignature()
                        .Decode<UserInformation>(token);

            return payload;
        }

        public static IDictionary<string, object> GetPayloadFromJWTToken(string token, JWTSecretOptions options)
        {
            var payload = JwtBuilder.Create()
                        .WithAlgorithm(new HMACSHA256Algorithm())
                        .WithSecret(options.Secret)
                        .MustVerifySignature()
                        .Decode<IDictionary<string, object>>(token);

            return payload;
        }

public static Result<UserInformation> GetPayloadFromJWTTokenV2(string token, JWTSecretOptions options)
        {
            var payload = JwtBuilder.Create()
                        .WithAlgorithm(new HMACSHA256Algorithm())
                        .WithSecret(options.Secret)
                        .MustVerifySignature()
                        .Decode<UserInformation>(token);

            return payload;
        }

        public static IDictionary<string, object> GetPayloadFromJWTToken(string token, JWTSecretOptions options)
        {
            var payload = JwtBuilder.Create()
                        .WithAlgorithm(new HMACSHA256Algorithm())
                        .WithSecret(options.Secret)
                        .MustVerifySignature()
                        .Decode<IDictionary<string, object>>(token);

            return payload;
        }

public static Result<UserInformation> GetPayloadFromJWTTokenV2(string token, JWTSecretOptions options)
        {
            var payload = JwtBuilder.Create()
                        .WithAlgorithm(new HMACSHA256Algorithm())
                        .WithSecret(options.Secret)
                        .MustVerifySignature()
                        .Decode<UserInformation>(token);

            return payload;
        }

        public static IDictionary<string, object> GetPayloadFromJWTToken(string token, JWTSecretOptions options)
        {
            var payload = JwtBuilder.Create()
                        .WithAlgorithm(new HMACSHA256Algorithm())
                        .WithSecret(options.Secret)
                        .MustVerifySignature()
                        .Decode<IDictionary<string, object>>(token);

            return payload;
        }

public static Result<UserInformation> GetPayloadFromJWTTokenV2(string token, JWTSecretOptions options)
        {
            var payload = JwtBuilder.Create()
                        .WithAlgorithm(new HMACSHA256Algorithm())
                        .WithSecret(options.Secret)
                        .MustVerifySignature()
                        .Decode<UserInformation>(token);

            return payload;
        }

        public static IDictionary<string, object> GetPayloadFromJWTToken(string token, JWTSecretOptions options)
        {
            var payload = JwtBuilder.Create()
                        .WithAlgorithm(new HMACSHA256Algorithm())
                        .WithSecret(options.Secret)
                        .MustVerifySignature()
                        .Decode<IDictionary<string, object>>(token);

            return payload;
        }

K

Keswiik•5/3/24, 7:09 PM

Ah, I worked directly with

JwtSecurityToken

JwtSecurityToken

JwtSecurityToken

JwtSecurityToken since it is part of identity (as far as I know)

K

Keswiik•5/3/24, 7:09 PM

JwtBuilder

JwtBuilder

JwtBuilder

JwtBuilder looks to be from https://github.com/jwt-dotnet/jwt

K

Keswiik•5/3/24, 7:10 PM

https://github.com/jwt-dotnet/jwt?tab=readme-ov-file#register-authentication-handler-to-validate-jwt

GitHub

GitHub - jwt-dotnet/jwt: Jwt.Net, a JWT (JSON Web Token) implementa...

Jwt.Net, a JWT (JSON Web Token) implementation for .NET - jwt-dotnet/jwt

K

Keswiik•5/3/24, 7:10 PM

you should follow their documentation on using the library with asp

T

TreF01LOP•5/3/24, 7:16 PM

but I've used it

T

TreF01LOP•5/3/24, 7:17 PM

JwtBuilder

KKeswiik Ah, I worked directly with `JwtSecurityToken` since it is part of identity (as f...

T

TreF01LOP•5/3/24, 7:17 PM

Or do you mean something else?

T

TreF01LOP•5/3/24, 7:18 PM

https://github.com/jwt-dotnet/jwt

GitHub

GitHub - jwt-dotnet/jwt: Jwt.Net, a JWT (JSON Web Token) implementa...

Jwt.Net, a JWT (JSON Web Token) implementation for .NET - jwt-dotnet/jwt

T

TreF01LOP•5/3/24, 7:18 PM

K

Keswiik•5/3/24, 7:19 PM

probably the nuget package for the repo I linked

KKeswiik probably the nuget package for the repo I linked

T

TreF01LOP•5/3/24, 7:20 PM

yea, and I've already used it in my project. I wrote this code 1 day ago

TTreF01L but I've used it

T

TreF01LOP•5/3/24, 7:20 PM

you can see it on this screenshot

T

TreF01LOP•5/3/24, 7:20 PM

And it doesn't work

T

TreF01LOP•5/3/24, 7:22 PM

It is very stange, because there no errors

T

TreF01LOP•5/3/24, 7:22 PM

And I don't know how to debbug it

K

Keswiik•5/3/24, 7:22 PM

Well, it doesn't look like you're using all of the configuration options required to make it work with ASP.net. Look at the readme and compare their

ConfigureServices

ConfigureServices

ConfigureServices

ConfigureServices with yours.

T

TreF01LOP•5/3/24, 7:33 PM

Do you mean that I should paste this code to my project? But there is no such commands even for AddJwt. I only have AddJwtBearer

services.AddAuthentication(options =>
                 {
                     options.DefaultAuthenticateScheme = JwtAuthenticationDefaults.AuthenticationScheme;
                     options.DefaultChallengeScheme = JwtAuthenticationDefaults.AuthenticationScheme;
                 })
            .AddJwt(options =>
                 {
                     // secrets, required only for symmetric algorithms, such as HMACSHA256Algorithm
                     // options.Keys = new[] { "mySecret" };
                     
                     // optionally; disable throwing an exception if JWT signature is invalid
                     // options.VerifySignature = false;
                 });

services.AddAuthentication(options =>
                 {
                     options.DefaultAuthenticateScheme = JwtAuthenticationDefaults.AuthenticationScheme;
                     options.DefaultChallengeScheme = JwtAuthenticationDefaults.AuthenticationScheme;
                 })
            .AddJwt(options =>
                 {
                     // secrets, required only for symmetric algorithms, such as HMACSHA256Algorithm
                     // options.Keys = new[] { "mySecret" };
                     
                     // optionally; disable throwing an exception if JWT signature is invalid
                     // options.VerifySignature = false;
                 });

services.AddAuthentication(options =>
                 {
                     options.DefaultAuthenticateScheme = JwtAuthenticationDefaults.AuthenticationScheme;
                     options.DefaultChallengeScheme = JwtAuthenticationDefaults.AuthenticationScheme;
                 })
            .AddJwt(options =>
                 {
                     // secrets, required only for symmetric algorithms, such as HMACSHA256Algorithm
                     // options.Keys = new[] { "mySecret" };
                     
                     // optionally; disable throwing an exception if JWT signature is invalid
                     // options.VerifySignature = false;
                 });

services.AddAuthentication(options =>
                 {
                     options.DefaultAuthenticateScheme = JwtAuthenticationDefaults.AuthenticationScheme;
                     options.DefaultChallengeScheme = JwtAuthenticationDefaults.AuthenticationScheme;
                 })
            .AddJwt(options =>
                 {
                     // secrets, required only for symmetric algorithms, such as HMACSHA256Algorithm
                     // options.Keys = new[] { "mySecret" };
                     
                     // optionally; disable throwing an exception if JWT signature is invalid
                     // options.VerifySignature = false;
                 });

K

Keswiik•5/3/24, 7:34 PM

K

Keswiik•5/3/24, 7:34 PM

the readme tells you the other dependencies you need

JwtBearerAuthentication

Similar Threads