diff --git a/services/booking-service-net/src/BookingService.API/Program.cs b/services/booking-service-net/src/BookingService.API/Program.cs index 54a508e3..c0c625c5 100644 --- a/services/booking-service-net/src/BookingService.API/Program.cs +++ b/services/booking-service-net/src/BookingService.API/Program.cs @@ -85,22 +85,19 @@ try name: "postgresql", tags: ["db", "postgresql"]); - // EN: Add JWT Bearer authentication / VI: Thêm JWT Bearer authentication + // EN: Add JWT Bearer authentication via IAM IdentityServer OIDC discovery + // VI: Thêm JWT Bearer authentication qua IAM IdentityServer OIDC discovery var jwtAuthority = builder.Configuration["Jwt:Authority"] ?? "http://localhost:5001"; - var jwtSecret = builder.Configuration["Jwt:Secret"] ?? ""; builder.Services.AddAuthentication(Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => { + options.Authority = jwtAuthority; options.RequireHttpsMetadata = false; options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters { ValidateIssuer = false, ValidateAudience = false, ValidateLifetime = true, - ValidateIssuerSigningKey = !string.IsNullOrEmpty(jwtSecret), - IssuerSigningKey = !string.IsNullOrEmpty(jwtSecret) - ? new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(jwtSecret)) - : null, }; }); builder.Services.AddAuthorization(); diff --git a/services/catalog-service-net/src/CatalogService.API/Program.cs b/services/catalog-service-net/src/CatalogService.API/Program.cs index 845cea94..ad831e6d 100644 --- a/services/catalog-service-net/src/CatalogService.API/Program.cs +++ b/services/catalog-service-net/src/CatalogService.API/Program.cs @@ -85,22 +85,19 @@ try name: "postgresql", tags: ["db", "postgresql"]); - // EN: Add JWT Bearer authentication / VI: Thêm JWT Bearer authentication + // EN: Add JWT Bearer authentication via IAM IdentityServer OIDC discovery + // VI: Thêm JWT Bearer authentication qua IAM IdentityServer OIDC discovery var jwtAuthority = builder.Configuration["Jwt:Authority"] ?? "http://localhost:5001"; - var jwtSecret = builder.Configuration["Jwt:Secret"] ?? ""; builder.Services.AddAuthentication(Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => { + options.Authority = jwtAuthority; options.RequireHttpsMetadata = false; options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters { ValidateIssuer = false, ValidateAudience = false, ValidateLifetime = true, - ValidateIssuerSigningKey = !string.IsNullOrEmpty(jwtSecret), - IssuerSigningKey = !string.IsNullOrEmpty(jwtSecret) - ? new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(jwtSecret)) - : null, }; }); builder.Services.AddAuthorization(); diff --git a/services/fnb-engine-net/src/FnbEngine.API/Program.cs b/services/fnb-engine-net/src/FnbEngine.API/Program.cs index cb136a71..41def73e 100644 --- a/services/fnb-engine-net/src/FnbEngine.API/Program.cs +++ b/services/fnb-engine-net/src/FnbEngine.API/Program.cs @@ -85,22 +85,19 @@ try name: "postgresql", tags: ["db", "postgresql"]); - // EN: Add JWT Bearer authentication / VI: Thêm JWT Bearer authentication + // EN: Add JWT Bearer authentication via IAM IdentityServer OIDC discovery + // VI: Thêm JWT Bearer authentication qua IAM IdentityServer OIDC discovery var jwtAuthority = builder.Configuration["Jwt:Authority"] ?? "http://localhost:5001"; - var jwtSecret = builder.Configuration["Jwt:Secret"] ?? ""; builder.Services.AddAuthentication(Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => { + options.Authority = jwtAuthority; options.RequireHttpsMetadata = false; options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters { ValidateIssuer = false, ValidateAudience = false, ValidateLifetime = true, - ValidateIssuerSigningKey = !string.IsNullOrEmpty(jwtSecret), - IssuerSigningKey = !string.IsNullOrEmpty(jwtSecret) - ? new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(jwtSecret)) - : null, }; }); builder.Services.AddAuthorization(); diff --git a/services/inventory-service-net/src/InventoryService.API/Program.cs b/services/inventory-service-net/src/InventoryService.API/Program.cs index 739ac466..1ba264b1 100644 --- a/services/inventory-service-net/src/InventoryService.API/Program.cs +++ b/services/inventory-service-net/src/InventoryService.API/Program.cs @@ -88,22 +88,19 @@ try name: "postgresql", tags: ["db", "postgresql"]); - // EN: Add JWT Bearer authentication / VI: Thêm JWT Bearer authentication + // EN: Add JWT Bearer authentication via IAM IdentityServer OIDC discovery + // VI: Thêm JWT Bearer authentication qua IAM IdentityServer OIDC discovery var jwtAuthority = builder.Configuration["Jwt:Authority"] ?? "http://localhost:5001"; - var jwtSecret = builder.Configuration["Jwt:Secret"] ?? ""; builder.Services.AddAuthentication(Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => { + options.Authority = jwtAuthority; options.RequireHttpsMetadata = false; options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters { ValidateIssuer = false, ValidateAudience = false, ValidateLifetime = true, - ValidateIssuerSigningKey = !string.IsNullOrEmpty(jwtSecret), - IssuerSigningKey = !string.IsNullOrEmpty(jwtSecret) - ? new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(jwtSecret)) - : null, }; }); builder.Services.AddAuthorization(); diff --git a/services/order-service-net/src/OrderService.API/Program.cs b/services/order-service-net/src/OrderService.API/Program.cs index 64bf61af..615c9afe 100644 --- a/services/order-service-net/src/OrderService.API/Program.cs +++ b/services/order-service-net/src/OrderService.API/Program.cs @@ -148,22 +148,19 @@ try name: "postgresql", tags: ["db", "postgresql"]); - // EN: Add JWT Bearer authentication / VI: Thêm JWT Bearer authentication + // EN: Add JWT Bearer authentication via IAM IdentityServer OIDC discovery + // VI: Thêm JWT Bearer authentication qua IAM IdentityServer OIDC discovery var jwtAuthority = builder.Configuration["Jwt:Authority"] ?? "http://localhost:5001"; - var jwtSecret = builder.Configuration["Jwt:Secret"] ?? ""; builder.Services.AddAuthentication(Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => { + options.Authority = jwtAuthority; options.RequireHttpsMetadata = false; options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters { ValidateIssuer = false, ValidateAudience = false, ValidateLifetime = true, - ValidateIssuerSigningKey = !string.IsNullOrEmpty(jwtSecret), - IssuerSigningKey = !string.IsNullOrEmpty(jwtSecret) - ? new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(jwtSecret)) - : null, }; }); builder.Services.AddAuthorization();