在.NET Core中,我知道我可以在Startup.cs中做这样的事情(但我在标准.NET框架中没有Startup.cs(:
services.AddAuthentication(options => {
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(jwtOptions => {
jwtOptions.Authority = "my_authority_url";
jwtOptions.TokenValidationParameters.ValidateIssuer = true;
jwtOptions.TokenValidationParameters.ValidIssuers = issuers;
jwtOptions.TokenValidationParameters.ValidAudiences = audiences;
jwtOptions.Audience = Configuration["AzureAdB2C:Audience"];
jwtOptions.Events = new JwtBearerEvents
{
OnAuthenticationFailed = AuthenticationFailed
};
});
但是在标准.NET框架中还有其他选择吗?我有一个使用4.5.2的旧项目,我想在里面实现类似的东西。
您可以在启动时配置OAuthBearerAuthentication。E.g
using Microsoft.Owin;
using Owin;
using System.IdentityModel.Tokens;
using Microsoft.Owin.Security.OAuth;
using Microsoft.Owin.Security.Jwt;
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
{
AccessTokenFormat = new JwtFormat(new TokenValidationParameters
{
ValidateIssuerSigningKey = false,
ValidAudience = Configuration["AzureAdB2C:Audience"],
ValidateAudience = true,
ValidIssuer = "my_authority_url",
ValidateIssuer = true,
ValidateLifetime = true,
ClockSkew = System.TimeSpan.FromMinutes(5),
})
});