How to do JWT token based authentication for Asp.Net Core 2.2 MVC Web Application?

Question

I have Asp.Net Core 2.2 MVC web application in which database calls are handled through Asp.Net Core Web Api 2.2 and this Web API will generates the JWT token post verified the Login credentials and returns back to the MVC application with the JWT token.

In Asp.Net core MVC application Controllers decorated with Authorize attribute to validate subsequent request comes from the browser but here i'm not able to validate the JWT token.

So please suggest how to validate the JWT token in Asp.Net Core 2.2 MVC Web Application.

Thanks in advance!

Code:

 services.AddAuthentication(j =>
{
    j.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    j.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    j.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(x =>
{
    x.SaveToken = true;
    x.RequireHttpsMetadata = true;
    x.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = true,
        ValidateAudience = true,
        //ValidateLifetime = true,
        //ValidateIssuerSigningKey = true,
        ValidIssuer = "xyz.com",
        ValidAudience = "xyz.com",
        IssuerSigningKey = new SymmetricSecurityKey(key),
        ClockSkew = TimeSpan.FromMinutes(5)
    };
});


app.UseAuthentication();
app.UseMvc(routes =>
{
    routes.MapRoute(
    name: "default",
    template: "{controller=Login}/{action=Login}/{id?}");
});

I answered a question that I believe is what you're looking for, hopefully it helps https://stackoverflow.com/a/48890659/5517088 — Kevin, Jun 25 '19 at 08:26
Thanks for the info @Kevin but i have tried all this steps earlier but having same problem — sudheer kumar, Jun 25 '19 at 14:51
Can you provide an example of your request along with your Authorization header — Kevin, Jun 26 '19 at 07:36
@Kevin how can we add web api token to mvc application to validate subsequent request comes from browser? — sudheer kumar, Jun 26 '19 at 08:55
Okay, you need to update your question. Provide a sample of your login request (how you store your token) and a sample of your request that return 401 unauthorized. From there I should be able to help — Kevin, Jun 26 '19 at 09:11

score 0 · Answer 1 · edited Jun 09 '20 at 01:37

0

That seems you are sending request to web api with user's credential, web api validate credential and return to mvc client with JWT token.

In your client app, after getting token and decode to get the claims, you can create new ClaimsIdentity, add your claims and sign-in user. See code sample here.

If you want to know how to decode the JWT token, you can refer to below code samples:

How to decode JWT Token?

Decoding and verifying JWT token using System.IdentityModel.Tokens.Jwt

edited Jun 09 '20 at 01:37

Gryu

2,102
2
16
29

answered Jun 26 '19 at 09:17

Nan Yu

26,101
9
68
148

Let me give more clarity on my question. From MVC application User will login and then Web API will validate the UserName and Password and return JWT token to MVC application and this mvc application is not using asp.net identity as well so my plan is like use this JWT token and add it to header or cookie to validate any other request comes from browser to access MVC application resource. Please let me know if you need any other info. Thanks in advance. – sudheer kumar Jun 26 '19 at 09:43
Your scenario is not clear , your mvc need sign-in , so send request to web api with crdential , web api send back with token , now your mvc will decode token, get claims and sign-in , so [authorzie] will work on mvc app , my code sample shows that and that is not related to asp.net identity . Just store user in cookie – Nan Yu Jun 27 '19 at 02:20
And if you want to implement JWT bearer authentication in MVC application , you should confirm the issue/audience/signature configuration matches the token claims. – Nan Yu Jun 27 '19 at 05:26

How to do JWT token based authentication for Asp.Net Core 2.2 MVC Web Application?

1 Answers1