0

I'm creating a .Net Core Web API app that implements JWT based authentication, and planning to offer to users different providers. They should be able to sign up using whatever Facebook, Google or Twitter account they have.

For MVC applications, there are libraries such AspNet.Security.OAuth.Providers, that implements cookie based authentication, but I can't find anything similar for Web APIs. Although I have been searching all sort of online resources, I don't believe I'm the first trying to achieve this goal.

I don't mind doing it from scratch (actually I'm learning a lot), but I have a feeling I'm missing something.

Is there any library/nuget package that offers out-of-box JWT based authentication with multiple providers?

Improve this question

1 Answer 1

Reset to default
1

The Microsoft.AspNetCore.Authentication lib contains all extensions you need. You can enable them by chaining them on the AddAuthentication() method on the IServiceCollection.

using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.JwtBearer;
...
public void ConfigureServices(IServiceCollection services)
{
    services.AddAuthentication()
        .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options => { ...})
        .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options => {...})
        .AddMicrosoftAccount(microsoftOptions => { ... })
        .AddGoogle(googleOptions => { ... })
        .AddTwitter(twitterOptions => { ... })
        .AddFacebook(facebookOptions => { ... });

}

Read the section below this code for a nice explaination.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Thanks! I didn't realize that I could use Microsoft.AspNetCore.Authentication with the AddJwtBearer. However, it doesn't really help much, I think. I was looking for some component that could wrap the communication with the external providers, so I wouldn't need to keep the URLs for authentication and do the HttpClient requests myself.
@luizs81 ok, i see. I thought you would like to do it from "scratch", then this is the way. Please upvote if answer was to any help :)
Sorry, but it doesn't help much and I'm not sure how Microsoft.AspNetCore.Authentication interacts with JWT in controller level. I can't find any documentation. All the Microsoft examples use MVC and scaffold pages.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.