-1

I've been struggling with this for a few days... There seems to be a number of similar questions on here but I can't find one which covers this exact scenario.

I have a node service which is creating a jsonwebtoken NPM package (RS256). Any other node service is able to validate the token as supplied by the UI and read the claims _ can also validate on jwt.io.

However I need to add a .net core api to the solution and I can't simply can't get it work - I feel like I have tried a million different combinations of setting up the api middleware, but there is clearly something I am missing and I can't find any documentation for the right way of doing this - obviously I also want to read the claims, but right now, before I pull my hair out, I just want to validate the token and hit a controller.

desertnaut
  • 57,590
  • 26
  • 140
  • 166
user19076085
  • 1
  • 1

1 Answers1

0

Configure JWT bearer authentication (as well as the token validation options) on DI using AddJwtBearer extension method from Microsoft.AspNetCore.Authentication.JwtBearer NuGet package:

// The below code used to be in Startup.ConfigureServices method 
// before the minimal API with all stuff in Program.cs file has been introduced 

builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateAudience = false, 
            ValidateIssuer = true,
            ... = ,
        };
        options.Authority = <settings-your-authority>;
        options. ect..
    });

...

// Use configured JWT auth (used to be in Startup.Configure method) 

var app = builder.Build();
...
app.UseAuthentication();
...
app.Run();

And see here how to Verify JWT with RS256 (asymmetric) in C#

Dmitry Pavlov
  • 30,789
  • 8
  • 97
  • 121
  • 1
    Many thanks - in the end once I had done this I needed to change the encryption method of the token created by the node service. – user19076085 May 10 '22 at 13:11