我有一个现有的Asp.net MVC Web API项目和我的启动(OwinStartUp)文件代码
public void Configuration(IAppBuilder app)
{
WebApiConfig.Configure(app);
}
我必须构建一个新的API,它必须验证Azure AD B2C令牌并阅读声明以进行进一步处理。
如何使用中间件实现这一目标?我无法使用UseJwtBearerAuthentication
成功答案 0 :(得分:0)
请参阅使用OWIN w / B2C的this sample app。
更具体地说this code:
public void ConfigureAuth(IAppBuilder app)
{
TokenValidationParameters tvps = new TokenValidationParameters
{
// Accept only those tokens where the audience of the token is equal to the client ID of this app
ValidAudience = ClientId,
AuthenticationType = Startup.DefaultPolicy
};
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
{
// This SecurityTokenProvider fetches the Azure AD B2C metadata & signing keys from the OpenIDConnect metadata endpoint
AccessTokenFormat = new JwtFormat(tvps, new OpenIdConnectCachingSecurityTokenProvider(String.Format(AadInstance, Tenant, DefaultPolicy)))
});
}