1
votes

I have Asp.Net Core 2.2 MVC web application in which database calls are handled through Asp.Net Core Web Api 2.2 and this Web API will generates the JWT token post verified the Login credentials and returns back to the MVC application with the JWT token.

In Asp.Net core MVC application Controllers decorated with Authorize attribute to validate subsequent request comes from the browser but here i'm not able to validate the JWT token.

So please suggest how to validate the JWT token in Asp.Net Core 2.2 MVC Web Application.

Thanks in advance!

Code:

 services.AddAuthentication(j =>
{
    j.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    j.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    j.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(x =>
{
    x.SaveToken = true;
    x.RequireHttpsMetadata = true;
    x.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = true,
        ValidateAudience = true,
        //ValidateLifetime = true,
        //ValidateIssuerSigningKey = true,
        ValidIssuer = "xyz.com",
        ValidAudience = "xyz.com",
        IssuerSigningKey = new SymmetricSecurityKey(key),
        ClockSkew = TimeSpan.FromMinutes(5)
    };
});


app.UseAuthentication();
app.UseMvc(routes =>
{
    routes.MapRoute(
    name: "default",
    template: "{controller=Login}/{action=Login}/{id?}");
});
1
I answered a question that I believe is what you're looking for, hopefully it helps stackoverflow.com/a/48890659/5517088Kevin
Thanks for the info @Kevin but i have tried all this steps earlier but having same problemsudheer kumar
What is problem/error message you are facing?Nan Yu
Can you provide an example of your request along with your Authorization headerKevin
@Nan Yu Getting an 401 unauthorized exceptionsudheer kumar

1 Answers

0
votes

That seems you are sending request to web api with user's credential, web api validate credential and return to mvc client with JWT token.

In your client app, after getting token and decode to get the claims, you can create new ClaimsIdentity, add your claims and sign-in user. See code sample here.

If you want to know how to decode the JWT token, you can refer to below code samples:

How to decode JWT Token?

Decoding and verifying JWT token using System.IdentityModel.Tokens.Jwt