Steeltoe ASP.NET Core CloudFoundryJwtBearer breaking change?

Question

I was trying to update my ASP.NET Core (.NET 6) Web API to use Steeltoe 3.x (it currently uses 2.1.1), but I've run into a breaking problem with JWT authorization. After some checking, the same problem occurs when updating to 2.5.5.

In my project I have this code:

var builder = WebApplication.CreateBuilder(args);

builder.WebHost.UseCloudFoundryHosting().AddCloudFoundry();
//other code
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddCloudFoundryJwtBearer(builder.Configuration);

It works fine

I tried to change it to this code, when updating to Steeltoe 3.2.2:

var builder = WebApplication.CreateBuilder(args);

builder.WebHost.UseCloudHosting().AddCloudFoundryConfiguration();
//other code
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddCloudFoundryJwtBearer(builder.Configuration);

But it didn't work, there were no claims in the AuthorizationContext Then I tried to use the first code, but using Steeltoe 2.5.5, but encountered the same problem.

Is there some additional configuration required in the newer versions of Steeltoe?

Answer 1

UPDATE

I apologize, now I have updated the code.

In Steeltoe 3.x, you could try the code below.

var builder = WebApplication.CreateBuilder(args);

builder.WebHost.UseCloudHosting().AddCloudFoundryConfiguration();

//other code

builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options =>
{
        options.Authority = "https://your-authorization-server-url";;
        options.Audience = "your-api-or-resource-name";
        options.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuer = false
        };
});