Added new demos, cleaned up keys, restructured everything!

Author: jglozano

src/ApiAuth/Net/ApiAuth.sln renamed to src/ApiAuth/Net/JwtApiAuth.sln

@@ -3,7 +3,7 @@ Microsoft Visual Studio Solution File, Format Version 12.00
 # Visual Studio Version 16
 VisualStudioVersion = 16.0.29503.13
 MinimumVisualStudioVersion = 10.0.40219.1
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ApiAuth", "ApiAuth\ApiAuth.csproj", "{BDF10019-A0B8-43AB-A20C-477D77725207}"
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "JwtApiAuth", "JwtApiAuth\JwtApiAuth.csproj", "{BDF10019-A0B8-43AB-A20C-477D77725207}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution

src/ApiAuth/Net/JwtApiAuth/Client.http

@@ -0,0 +1,24 @@
+### IdP variables
+@authority = 
+@clientId = 
+@clientSecret = 
+@grantType = client_credentials
+@scope = 
+
+# @name IdP
+POST {{authority}}
+CONTENT-TYPE: application/x-www-form-urlencoded
+
+client_id={{clientId}}
+&client_secret={{clientSecret}}
+&grant_type={{grantType}}
+&scope={{scope}}
+
+### API Call
+@accessToken = {{IdP.response.body.access_token}}
+@apiHost = localhost:44343
+
+# @name UserAPI
+GET https://{{apiHost}}/user
+Content-Type: application/json
+Authorization: Bearer {{accessToken}}

src/ApiAuth/Net/JwtApiAuth/Controllers/HomeController.cs

@@ -0,0 +1,35 @@
+using System.Diagnostics;
+
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Logging;
+
+using JwtApiAuth.Models;
+
+namespace JwtApiAuth.Controllers
+{
+    public class HomeController : Controller
+    {
+        private readonly ILogger<HomeController> _logger;
+
+        public HomeController(ILogger<HomeController> logger)
+        {
+            _logger = logger;
+        }
+
+        public IActionResult Index()
+        {
+            return View();
+        }
+
+        public IActionResult Privacy()
+        {
+            return View();
+        }
+
+        [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
+        public IActionResult Error()
+        {
+            return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
+        }
+    }
+}

src/ApiAuth/Net/JwtApiAuth/Controllers/UserController.cs

@@ -0,0 +1,20 @@
+using System.Linq;
+
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+
+namespace JwtApiAuth.Controllers
+{
+    [Authorize, ApiController, Route("user")]
+    public class UserController : Controller
+    {
+        [HttpGet, Route("")]
+        public dynamic GetAll()
+        {
+            var user = User;
+            var claims = user.Claims.ToDictionary(c => c.Type, c => c.Value);
+
+            return claims;
+        }
+    }
+}

src/ApiAuth/Net/ApiAuth/ApiAuth.csproj renamed to src/ApiAuth/Net/JwtApiAuth/JwtApiAuth.csproj

@@ -0,0 +1,11 @@
+using System;
+
+namespace JwtApiAuth.Models
+{
+    public class ErrorViewModel
+    {
+        public string RequestId { get; set; }
+
+        public bool ShowRequestId => !string.IsNullOrEmpty(RequestId);
+    }
+}

src/ApiAuth/Net/JwtApiAuth/Models/ErrorViewModel.cs

@@ -0,0 +1,20 @@
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.Extensions.Hosting;
+
+namespace JwtApiAuth
+{
+    public class Program
+    {
+        public static void Main(string[] args)
+        {
+            CreateHostBuilder(args).Build().Run();
+        }
+
+        public static IHostBuilder CreateHostBuilder(string[] args) =>
+            Host.CreateDefaultBuilder(args)
+                .ConfigureWebHostDefaults(webBuilder =>
+                {
+                    webBuilder.UseStartup<Startup>();
+                });
+    }
+}

src/ApiAuth/Net/JwtApiAuth/Program.cs

@@ -0,0 +1,93 @@
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Hosting;
+
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Hosting;
+
+using Microsoft.IdentityModel.Tokens;
+
+using System.Threading.Tasks;
+
+namespace JwtApiAuth
+{
+    public class Startup
+    {
+        public Startup(IConfiguration configuration)
+        {
+            Configuration = configuration;
+        }
+
+        public IConfiguration Configuration { get; }
+
+        // This method gets called by the runtime. Use this method to add services to the container.
+        public void ConfigureServices(IServiceCollection services)
+        {
+            services.AddControllersWithViews();
+
+            services
+               .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
+               .AddJwtBearer(x =>
+               {
+                   // Disabled only for local dev
+                   x.RequireHttpsMetadata = false;
+                   x.Authority = Configuration["API:Authority"];
+
+                   x.TokenValidationParameters = new TokenValidationParameters
+                   {
+                       ValidAudience = Configuration["API:Audience"]
+                   };
+
+                   x.Events = new JwtBearerEvents();
+                   x.Events.OnAuthenticationFailed += AuthenticationFailed;
+                   x.Events.OnChallenge += Challenge;
+                   x.Events.OnTokenValidated += TokenValidated;
+               });
+        }
+
+        private Task TokenValidated(TokenValidatedContext arg)
+        {
+            return Task.FromResult(0);
+        }
+
+        private Task Challenge(JwtBearerChallengeContext arg)
+        {
+            return Task.FromResult(0);
+        }
+
+        private Task AuthenticationFailed(AuthenticationFailedContext arg)
+        {
+            return Task.FromResult(0);
+        }
+
+        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
+        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
+        {
+            if (env.IsDevelopment())
+            {
+                app.UseDeveloperExceptionPage();
+            }
+            else
+            {
+                app.UseExceptionHandler("/Home/Error");
+                // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
+                app.UseHsts();
+            }
+            app.UseHttpsRedirection();
+            app.UseStaticFiles();
+
+            app.UseRouting();
+
+            app.UseAuthentication();
+            app.UseAuthorization();
+
+            app.UseEndpoints(endpoints =>
+            {
+                endpoints.MapControllerRoute(
+                    name: "default",
+                    pattern: "{controller=Home}/{action=Index}/{id?}");
+            });
+        }
+    }
+}