ASP.NET Core
A set of technologies in the .NET Framework for building web applications and XML web services.
4,815 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 61%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
They each need their own scheme and policy. See docs
Double authentication using Jwt bearer .net core 5
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 46%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EE%3C/text%3E%3C/svg%3E)
elseforty
21
Reputation points
Hi,
i'm trying to implement a double authentication layer in a .net core 5 API, the validation should be done in two steps ,
- first one is validate the authentication for the super user ,
- the second step is validate the authentication for the simple user if first step is Ok,
i want to implemet the authentication on the Ocelot Api gateway level, i don't know how i can implement this , i've added the two Jwt bearer configuration in the startup file but it does not work since the validation can be done using both jwt bearers instead of validating using jwt bearer for super user , if okey then try validate using jwt bearer for simple user
any thoughts about this is really appreciated
startup.cs file
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
// Adding Authentication
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
})
// Adding Jwt Bearer
.AddJwtBearer("SimpleUsersBearer",options =>
{
options.SaveToken = true;
options.RequireHttpsMetadata = false;
options.TokenValidationParameters = new TokenValidationParameters()
{
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("MySecretKey")),
ValidateIssuerSigningKey = true,
ValidateIssuer = false,
ValidateAudience=false,
};
}).AddJwtBearer("SuperlUsersBearer", options =>
{
options.SaveToken = true;
options.RequireHttpsMetadata = false;
options.TokenValidationParameters = new TokenValidationParameters()
{
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("MySecretKey")),
ValidateIssuerSigningKey = true,
ValidateIssuer = false,
ValidateAudience = false,
};
});
services.AddAuthorization(options =>
{
options.DefaultPolicy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.AddAuthenticationSchemes("SimpleUsersBearer")
.AddAuthenticationSchemes("SuperUsersBearer")
.Build();
});
services.AddOcelot();
}
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 98%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERN%3C/text%3E%3C/svg%3E)
Rena Ni - MSFT 2,066 Reputation points2021-11-29T01:48:49.123+00:00 Hi @elseforty , I think you need check this answer here to custom a middleware to judge the two token validation.
Sign in to comment