Skip to content

Add IAuthenticationConfigurationProvider.GetAuthenticationConfiguration #41989

Closed
@captainsafia

Description

@captainsafia

To support reading default schemes from configuration, we need to add an API to IAuthenticationConfigurationProvider​ that allows us to extract the root Authentication​ property from configuration.

The PR also adds a set of shared constants for use in the user-jwts CLI and the runtime with regarding to accessing these configuration keys.

Risks
Low, we've discussed adding this is a follow-up item from preview5.

Pull Request
#41987

Proposed API

namespace Microsoft.AspNetCore.Authentication;

public interface IAuthenticationConfigurationProvider
{
+    public IConfiguration Authentication { get; }
}
namespace Microsoft.AspNetCore.Authentication;

public static class AuthenticationConfigurationProviderExtensions
{
+    public static IConfiguration GetSchemeConfiguration(this IAuthenticationConfigurationProvider provider, string authenticationScheme);
}

Sample Usage
An end-user can implement a custom IAuthenticationConfigurationProvider to point to where the top-level configuration key in their application is.

public class MyAuthenticationConfigurationProvider : IAuthenticationConfigurationProvider
{
    private IConfiguration _configuration;
 
    public DefaultAuthenticationConfigurationProvider(IConfiguration configuration)
    {
        _configuration = configurationRoot;
    }
 
    public IConfiguration Authentication => _configuration.GetSection("MyCustomAuthName");
}

Sample Config

{
  "MyCustomAuthName": {
    "DefaultScheme": "ClaimedDetails",
    "Schemes": {
      "Bearer": {
        "Audiences": [
          "https://localhost:7259",
          "http://localhost:5259"
        ],
        "ClaimsIssuer": "dotnet-user-jwts"
      },
      "ClaimedDetails": {
        "Audiences": [
          "https://localhost:7259",
          "http://localhost:5259"
        ],
        "ClaimsIssuer": "dotnet-user-jwts"
      }
    }
  }
}

In our ConfigureOptions implementation, we use the GetSchemeConfiguration extension method to access individual schemes

internal sealed class JwtBearerConfigureOptions : IConfigureNamedOptions<JwtBearerOptions>
{
    public void Configure(string? name, JwtBearerOptions options)
    {
        var configSection = _authenticationConfigurationProvider.GetSchemeConfiguration(name);
    }
}

Metadata

Metadata

Assignees

Labels

api-approvedAPI was approved in API review, it can be implementedold-area-web-frameworks-do-not-use*DEPRECATED* This label is deprecated in favor of the area-mvc and area-minimal labels

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions