Is there an convenience method to manually authenticate an incoming a JWT Bearer Token in the ASP.NET middleware pipeline… like IUserAuthRepository.TryAuthenticate(…) but with the bearer token ?
There weren’t any official public APIs exposed but I’ve just added some new APIs you can use:
var jwtProvider = (JwtAuthProvider)AuthenticateService.GetAuthProvider(JwtAuthProvider.Name);
// get valid JsonObject you can inspect
JsonObject validPayload = jwtProvider.GetValidJwtPayload(jwt);
bool isValid = jwtProvider.IsJwtValid(jwt);
These APIs are available from v5.0.3 that’s now available on MyGet. If you had v5.0.3 installed previously you’ll need to clear your NuGet cache with:
$ nuget locals all -clear
Ok thanks, is your added solution like:
string jwttoken = request.GetJwtToken();
var jwtProvider = (JwtAuthProviderReader)AuthenticateService.GetAuthProvider(JwtAuthProvider.Name);
var userSession = jwtProvider.ConvertJwtToSession(request, jwttoken );
get the depending session …
Why are you creating the session from the JWT manually? The Session is already populated from the JWT Token when you call IRequest.GetSession() or in Services that use the [Authenticate] attribute.