GeorgDangl · November 8, 2017 20:53
diff --git a/configure-identity.cs b/configure-identity.cs
 services.AddIdentity<AppUser, AppRole>();
 services.AddAuthentication()
        .AddIdentityServerAuthentication(o =>
        {
            o.RequireHttpsMetadata = !environment.IsDevelopment();
            o.ApiName = "api";
            o.Authority = configuration["IdentityServer:Authority"];
        });
diff --git a/configure-policy.cs b/configure-policy.cs
 services.AddMvc(options =>
        {
            // The default policy is to make sure that both authentication schemes - Cookie and Jwt - are challenged
            var defaultPolicy = new AuthorizationPolicyBuilder(IdentityConstants.ApplicationScheme, "Bearer")
                .RequireAssertion(c => true) // A requirement is mandatory
                .Build();
            options.Filters.Add(new AuthorizeFilter(defaultPolicy));
        })
	services.AddIdentity<AppUser, AppRole>();
	services.AddAuthentication()
	.AddIdentityServerAuthentication(o =>
	{
	o.RequireHttpsMetadata = !environment.IsDevelopment();
	o.ApiName = "api";
	o.Authority = configuration["IdentityServer:Authority"];
	});
	services.AddMvc(options =>
	{
	// The default policy is to make sure that both authentication schemes - Cookie and Jwt - are challenged
	var defaultPolicy = new AuthorizationPolicyBuilder(IdentityConstants.ApplicationScheme, "Bearer")
	.RequireAssertion(c => true) // A requirement is mandatory
	.Build();
	options.Filters.Add(new AuthorizeFilter(defaultPolicy));
	})