API Bearer token

1. // Startup.cs
2.  
3. using System.Reflection;
4. using Microsoft.AspNetCore.Authentication.JwtBearer;
5. using Microsoft.AspNetCore.Builder;
6. using Microsoft.AspNetCore.Hosting;
7. using Microsoft.EntityFrameworkCore;
8. using Microsoft.Extensions.Configuration;
9. using Microsoft.Extensions.DependencyInjection;
10. using Microsoft.Extensions.Hosting;
11.  
12. namespace App {
13.     public class Startup {
14.        
15.         private IConfiguration Configuration { get; }
16.  
17.         public Startup(IConfiguration configuration) {
18.             Configuration = configuration;
19.         }
20.        
21.         // This method gets called by the runtime. Use this method to add services to the container.
22.         public void ConfigureServices(IServiceCollection services) {
23.             services.AddControllers();
24.             services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
25.                 .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, o => {
26.                     o.Authority = Configuration["Authority"];
27.                     o.RequireHttpsMetadata = false;
28.                     o.Audience = "api";
29.                     o.SaveToken = true;
30.                 });
31.             services.AddAuthorization();
32.             services.AddHttpContextAccessor();
33.  
34.             // Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true;
35.             // ...
36.         }
37.  
38.         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
39.         public void Configure(IApplicationBuilder app, IWebHostEnvironment env) {
40.             if(env.IsDevelopment() || env.IsEnvironment("Local")) {
41.                 app.UseDeveloperExceptionPage();
42.             }
43.             else {
44.                 app.UseHsts();
45.             }
46.  
47.            
48.             app.UseAuthentication();
49.             app.UseHttpsRedirection();
50.             app.UseRouting();
51.             app.UseAuthorization();
52.             app.UseEndpoints(x => {
53.                 x.MapControllers();
54.             });
55.         }
56.     }
57. }
58.  
59.  
60. /// HttpClientExtensions.cs
61.  
62. using System.Net.Http;
63. using System.Net.Http.Headers;
64.  
65. namespace App.Clients.Extensions {
66.     public static class HttpClientExtensions {
67.         internal static void InitHeaders(this HttpClient client, string token) {
68.             client.DefaultRequestHeaders.Clear();
69.  
70.             if(token != null) {
71.                 client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
72.             }
73.            
74.             client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
75.         }
76.     }
77. }
78.  
79.  
80. // SomeClient.cs
81.  
82. using System;
83. using System.Collections.Generic;
84. using System.Net.Http;
85. using System.Text.Json;
86. using System.Threading.Tasks;
87. using Microsoft.AspNetCore.Authentication;
88. using Microsoft.AspNetCore.Http;
89. using Microsoft.Extensions.Configuration;
90. using App.Clients.Extensions;
91.  
92. namespace App. Clients {
93.     public class SomeClient : HttpClient, ISomeClient{
94.         public SsoClient(IConfiguration config, IHttpContextAccessor http) {
95.             BaseAddress = new Uri(config["OpenId:Authority"]);
96.             var token = http.HttpContext.GetTokenAsync("access_token").Result;
97.            
98.             this.InitHeaders(token);
99.         }
100.     }
101. }