Add JWT Bearer authentication registration to 5 microservice Program.cs files

Add AddAuthentication(JwtBearerDefaults.AuthenticationScheme) and
AddJwtBearer() service registration before CORS configuration in:
- CatalogService.API
- OrderService.API
- InventoryService.API
- FnbEngine.API
- BookingService.API

Also add Microsoft.AspNetCore.Authentication.JwtBearer v10.0.1 NuGet
package reference to each service's .csproj file.

This fixes the runtime error caused by UseAuthentication() being called
without a registered authentication scheme.

Co-authored-by: Velik <hongochai10@users.noreply.github.com>

services/booking-service-net/src/BookingService.API/BookingService.API.csproj

@@ -19,6 +19,9 @@
       <PrivateAssets>all</PrivateAssets>
     </PackageReference>
     
+    <!-- EN: JWT Bearer Authentication / VI: JWT Bearer Authentication -->
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.0.1" />
+    
     <!-- EN: Swagger/OpenAPI / VI: Swagger/OpenAPI -->
     <PackageReference Include="Swashbuckle.AspNetCore" Version="7.2.0" />
     

services/booking-service-net/src/BookingService.API/Program.cs

@@ -85,6 +85,26 @@ try
             name: "postgresql",
             tags: ["db", "postgresql"]);
 
+    // EN: Add JWT Bearer authentication / VI: Thêm JWT Bearer authentication
+    var jwtAuthority = builder.Configuration["Jwt:Authority"] ?? "http://localhost:5001";
+    var jwtSecret = builder.Configuration["Jwt:Secret"] ?? "";
+    builder.Services.AddAuthentication(Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerDefaults.AuthenticationScheme)
+        .AddJwtBearer(options =>
+        {
+            options.RequireHttpsMetadata = false;
+            options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
+            {
+                ValidateIssuer = false,
+                ValidateAudience = false,
+                ValidateLifetime = true,
+                ValidateIssuerSigningKey = !string.IsNullOrEmpty(jwtSecret),
+                IssuerSigningKey = !string.IsNullOrEmpty(jwtSecret)
+                    ? new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(jwtSecret))
+                    : null,
+            };
+        });
+    builder.Services.AddAuthorization();
+
     // EN: Add CORS / VI: Thêm CORS
     builder.Services.AddCors(options =>
     {

services/catalog-service-net/src/CatalogService.API/CatalogService.API.csproj

@@ -19,6 +19,9 @@
       <PrivateAssets>all</PrivateAssets>
     </PackageReference>
     
+    <!-- EN: JWT Bearer Authentication / VI: JWT Bearer Authentication -->
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.0.1" />
+    
     <!-- EN: Swagger/OpenAPI / VI: Swagger/OpenAPI -->
     <PackageReference Include="Swashbuckle.AspNetCore" Version="7.2.0" />
     

services/catalog-service-net/src/CatalogService.API/Program.cs

@@ -85,6 +85,26 @@ try
             name: "postgresql",
             tags: ["db", "postgresql"]);
 
+    // EN: Add JWT Bearer authentication / VI: Thêm JWT Bearer authentication
+    var jwtAuthority = builder.Configuration["Jwt:Authority"] ?? "http://localhost:5001";
+    var jwtSecret = builder.Configuration["Jwt:Secret"] ?? "";
+    builder.Services.AddAuthentication(Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerDefaults.AuthenticationScheme)
+        .AddJwtBearer(options =>
+        {
+            options.RequireHttpsMetadata = false;
+            options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
+            {
+                ValidateIssuer = false,
+                ValidateAudience = false,
+                ValidateLifetime = true,
+                ValidateIssuerSigningKey = !string.IsNullOrEmpty(jwtSecret),
+                IssuerSigningKey = !string.IsNullOrEmpty(jwtSecret)
+                    ? new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(jwtSecret))
+                    : null,
+            };
+        });
+    builder.Services.AddAuthorization();
+
     // EN: Add CORS / VI: Thêm CORS
     builder.Services.AddCors(options =>
     {

services/fnb-engine-net/src/FnbEngine.API/FnbEngine.API.csproj

@@ -19,6 +19,9 @@
       <PrivateAssets>all</PrivateAssets>
     </PackageReference>
     
+    <!-- EN: JWT Bearer Authentication / VI: JWT Bearer Authentication -->
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.0.1" />
+    
     <!-- EN: Swagger/OpenAPI / VI: Swagger/OpenAPI -->
     <PackageReference Include="Swashbuckle.AspNetCore" Version="7.2.0" />
     

services/fnb-engine-net/src/FnbEngine.API/Program.cs

@@ -85,6 +85,26 @@ try
             name: "postgresql",
             tags: ["db", "postgresql"]);
 
+    // EN: Add JWT Bearer authentication / VI: Thêm JWT Bearer authentication
+    var jwtAuthority = builder.Configuration["Jwt:Authority"] ?? "http://localhost:5001";
+    var jwtSecret = builder.Configuration["Jwt:Secret"] ?? "";
+    builder.Services.AddAuthentication(Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerDefaults.AuthenticationScheme)
+        .AddJwtBearer(options =>
+        {
+            options.RequireHttpsMetadata = false;
+            options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
+            {
+                ValidateIssuer = false,
+                ValidateAudience = false,
+                ValidateLifetime = true,
+                ValidateIssuerSigningKey = !string.IsNullOrEmpty(jwtSecret),
+                IssuerSigningKey = !string.IsNullOrEmpty(jwtSecret)
+                    ? new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(jwtSecret))
+                    : null,
+            };
+        });
+    builder.Services.AddAuthorization();
+
     // EN: Add CORS / VI: Thêm CORS
     builder.Services.AddCors(options =>
     {

services/inventory-service-net/src/InventoryService.API/InventoryService.API.csproj

@@ -19,6 +19,9 @@
       <PrivateAssets>all</PrivateAssets>
     </PackageReference>
     
+    <!-- EN: JWT Bearer Authentication / VI: JWT Bearer Authentication -->
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.0.1" />
+    
     <!-- EN: Swagger/OpenAPI / VI: Swagger/OpenAPI -->
     <PackageReference Include="Swashbuckle.AspNetCore" Version="7.2.0" />
     <PackageReference Include="Swashbuckle.AspNetCore.Annotations" Version="7.2.0" />

services/inventory-service-net/src/InventoryService.API/Program.cs

@@ -88,6 +88,26 @@ try
             name: "postgresql",
             tags: ["db", "postgresql"]);
 
+    // EN: Add JWT Bearer authentication / VI: Thêm JWT Bearer authentication
+    var jwtAuthority = builder.Configuration["Jwt:Authority"] ?? "http://localhost:5001";
+    var jwtSecret = builder.Configuration["Jwt:Secret"] ?? "";
+    builder.Services.AddAuthentication(Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerDefaults.AuthenticationScheme)
+        .AddJwtBearer(options =>
+        {
+            options.RequireHttpsMetadata = false;
+            options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
+            {
+                ValidateIssuer = false,
+                ValidateAudience = false,
+                ValidateLifetime = true,
+                ValidateIssuerSigningKey = !string.IsNullOrEmpty(jwtSecret),
+                IssuerSigningKey = !string.IsNullOrEmpty(jwtSecret)
+                    ? new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(jwtSecret))
+                    : null,
+            };
+        });
+    builder.Services.AddAuthorization();
+
     // EN: Add CORS / VI: Thêm CORS
     builder.Services.AddCors(options =>
     {

services/order-service-net/src/OrderService.API/OrderService.API.csproj

@@ -19,6 +19,9 @@
       <PrivateAssets>all</PrivateAssets>
     </PackageReference>
     
+    <!-- EN: JWT Bearer Authentication / VI: JWT Bearer Authentication -->
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.0.1" />
+    
     <!-- EN: Swagger/OpenAPI / VI: Swagger/OpenAPI -->
     <PackageReference Include="Swashbuckle.AspNetCore" Version="7.2.0" />
     

services/order-service-net/src/OrderService.API/Program.cs

@@ -148,6 +148,26 @@ try
             name: "postgresql",
             tags: ["db", "postgresql"]);
 
+    // EN: Add JWT Bearer authentication / VI: Thêm JWT Bearer authentication
+    var jwtAuthority = builder.Configuration["Jwt:Authority"] ?? "http://localhost:5001";
+    var jwtSecret = builder.Configuration["Jwt:Secret"] ?? "";
+    builder.Services.AddAuthentication(Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerDefaults.AuthenticationScheme)
+        .AddJwtBearer(options =>
+        {
+            options.RequireHttpsMetadata = false;
+            options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
+            {
+                ValidateIssuer = false,
+                ValidateAudience = false,
+                ValidateLifetime = true,
+                ValidateIssuerSigningKey = !string.IsNullOrEmpty(jwtSecret),
+                IssuerSigningKey = !string.IsNullOrEmpty(jwtSecret)
+                    ? new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(jwtSecret))
+                    : null,
+            };
+        });
+    builder.Services.AddAuthorization();
+
     // EN: Add CORS / VI: Thêm CORS
     builder.Services.AddCors(options =>
     {