From 13a62281b0cdf53094e4aa2b3863f7304dc596e6 Mon Sep 17 00:00:00 2001
From: Igor Goldobin
Date: Sat, 17 Sep 2016 10:53:20 +1000
Subject: [PATCH] Fixed auth token validation as per https://github.com/auth0-samples/auth0-aspnetcore-sample/issues/1
---
 src/SSW.MusicStore.API/Startup.cs | 10 +++++++++-
 src/SSW.MusicStore.API/appsettings.json | 3 ++-
 src/SSW.MusicStore.API/project.json | 3 ++-
 3 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/src/SSW.MusicStore.API/Startup.cs b/src/SSW.MusicStore.API/Startup.cs
index ac7cb82..9c451be 100644
--- a/src/SSW.MusicStore.API/Startup.cs
+++ b/src/SSW.MusicStore.API/Startup.cs
@@ -12,6 +12,7 @@
 using Mindscape.Raygun4Net;
 using Autofac;
+using Microsoft.IdentityModel.Tokens;
 using SerilogWeb.Classic.Enrichers;
 using SSW.MusicStore.API.Filters;
 using SSW.MusicStore.API.Infrastructure.DI;
@@ -103,7 +104,7 @@ public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerF
 .Enrich.WithProperty("ApplicationName", "Music Store")
 .Enrich.With(new HttpRequestIdEnricher());
 Log.Logger = config.CreateLogger();
-
+
 loggerFactory.AddSerilog();
 loggerFactory.AddDebug();
@@ -135,6 +136,9 @@ public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerF
 app.UseStaticFiles();
+ var keyAsBase64 = Configuration["Auth0:ClientSecret"].Replace('_', '/').Replace('-', '+');
+ var keyAsBytes = Convert.FromBase64String(keyAsBase64);
+
 var jwtOptions = new JwtBearerOptions
 {
 Audience = Configuration["Auth0:ClientId"],
@@ -146,6 +150,10 @@ public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerF
 Log.Logger.Error("Authentication failed.", context.Exception);
 return Task.FromResult(0);
 }
+ },
+ TokenValidationParameters =
+ {
+ IssuerSigningKey = new SymmetricSecurityKey(keyAsBytes)
 }
 };
 app.UseJwtBearerAuthentication(jwtOptions);
diff --git a/src/SSW.MusicStore.API/appsettings.json b/src/SSW.MusicStore.API/appsettings.json
index dc036a6..df41bf4 100644
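Review bot: The two added lines that build `keyAsBytes` assume `Configuration["Auth0:ClientSecret"]` is present and well-formed, yet the default this patch adds in appsettings.json is an empty string. A missing key makes `.Replace` throw a NullReferenceException, a base64url value whose length is not a multiple of four makes `Convert.FromBase64String` throw a FormatException because the `=` padding is never restored, and an empty value decodes to a zero-length key whose handling by the library is not visible here. I would read the setting into a local, stop startup with a clear message (one that never echoes the value) when it is null or whitespace, and pad before decoding. Configure starts and ends outside this hunk.

```csharp
app.UseStaticFiles();

var clientSecret = Configuration["Auth0:ClientSecret"];
if (string.IsNullOrWhiteSpace(clientSecret))
{
    throw new InvalidOperationException("Auth0:ClientSecret is not configured.");
}

// base64url -> base64, restoring the padding that base64url omits
var keyAsBase64 = clientSecret.Replace('_', '/').Replace('-', '+');
keyAsBase64 = keyAsBase64.PadRight(keyAsBase64.Length + (4 - keyAsBase64.Length % 4) % 4, '=');
var keyAsBytes = Convert.FromBase64String(keyAsBase64);

// … unchanged: jwtOptions initializer …
```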
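Review bot: The `OnAuthenticationFailed` handler shown as context just above the added `TokenValidationParameters` appears to drop the exception it is handed, which matters more now that signature failures will flow through it. If `Log.Logger` is Serilog's logger, `Error("Authentication failed.", context.Exception)` binds the exception as a template argument with no placeholder, so the log entry carries no reason; `Log.Logger.Error(context.Exception, "Authentication failed.");` would record it. Separately, a symmetric key derived from the client secret means every holder of that secret can sign tokens this API accepts, so a comment above `IssuerSigningKey` such as `// HMAC key shared with Auth0: anyone holding it can mint valid tokens; keep it out of source control` would help the next maintainer. The object initializer begins and ends outside this hunk.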
--- a/src/SSW.MusicStore.API/appsettings.json
+++ b/src/SSW.MusicStore.API/appsettings.json
@@ -16,7 +16,8 @@
 "Auth0": {
 // Overwrite in privatesettings.json
 "ClientId": "",
- "Domain": ""
+ "Domain": "",
+ "ClientSecret": ""
 },
 "Stripe": {
 // Overwrite in privatesettings.json
diff --git a/src/SSW.MusicStore.API/project.json b/src/SSW.MusicStore.API/project.json
index 2416de1..01d0cfe 100644
--- a/src/SSW.MusicStore.API/project.json
+++ b/src/SSW.MusicStore.API/project.json
@@ -43,7 +43,8 @@
 "Serilog.Sinks.Literate": "2.0.0",
 "Microsoft.EntityFrameworkCore.Tools": "1.0.0-preview2-final",
 "Microsoft.Extensions.Configuration.Binder": "1.0.0",
- "Mindscape.Raygun4Net.AspNetCore": "5.3.1"
+ "Mindscape.Raygun4Net.AspNetCore": "5.3.1",
+ "Microsoft.Owin.Security.Jwt": "3.0.1"
 },
 "frameworks": {
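Review bot: The added `"Microsoft.Owin.Security.Jwt": "3.0.1"` entry does not look necessary for this fix. The only new type used in Startup.cs is `SymmetricSecurityKey`, which the added `using Microsoft.IdentityModel.Tokens;` brings in, and nothing in the patch references the OWIN/Katana JWT middleware that this package contains. If the build passes without it, drop the line so the API does not carry an extra token-handling library and its transitive dependencies. The rest of the dependencies block lies outside this hunk, so whether another package already supplies Microsoft.IdentityModel.Tokens cannot be confirmed from here.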