Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Azure AD B2C JWT Authentication

See original GitHub issue

Has anyone got a good example of how to get Carter to accept a JWT from Azure AD B2C?

This is what I have so far and it is failing.

app.UseCarter(GetOptions(new[] { Configuration["oa:basepath"] }));

private CarterOptions GetOptions(ICollection<string> addresses)
        {
            var options = new OpenApiOptions(
                "Test API",
                addresses,
                new Dictionary<string, OpenApiSecurity>
                {
                    {
                        "BearerAuth",
                        new OpenApiSecurity
                        {
                            Type = OpenApiSecurityType.http,
                            Scheme = "bearer",
                            BearerFormat = "JWT",
                            Name = "Authorization",
                            In = OpenApiIn.header
                        }
                    }
                }, new[] { "BearerAuth" });

            return new CarterOptions(null, null, options);
        }

Issue Analytics

State:
Created 4 years ago
Comments:8 (8 by maintainers)

Top GitHub Comments

1reaction

jchannoncommented, Jul 2, 2019

That code has nothing to do with authentication it’s just setting up metadata for the openapi generated docs.

You’ll need something like services.AddAuthentication.AddAzureFoo() for it to work with JWT

0reactions

abazanovcommented, Jul 2, 2019

For those who might come here in the future, here is how I got it working…

services.AddAuthentication(options =>
            {
                options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(jwtOptions =>
            {
                jwtOptions.Authority = "https://[tenant url]/tfp/[tenant guid]/[policy]/v2.0/";
                jwtOptions.Audience = ["ClientId"]; // Application Id
                jwtOptions.Events = new JwtBearerEvents
                {
                    OnAuthenticationFailed = AuthenticationFailed,
                    OnTokenValidated = TokenValidated
                };
            });

Also

app.UseAuthentication();

I also opted for second option in this drop-down, which made a difference.