using APT.Infrastructure.Core;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;
using System;
using System.Text;
using APT.Infrastructure.Api;
namespace APT.RB.WebApi
{
    public static class BearerAuthHanddler
    {
        public static void RegisterBearAuth(this IServiceCollection services)
        {
            //services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            //   .AddJwtBearer(options =>
            //   {
            //       options.TokenValidationParameters = new TokenValidationParameters
            //       {
            //           ValidateIssuer = true,//是否验证Issuer
            //           ValidateAudience = true,//是否验证Audience
            //           ValidateLifetime = true,//是否验证失效时间
            //           ClockSkew = TimeSpan.FromSeconds(600),
            //           ValidateIssuerSigningKey = true,//是否验证SecurityKey
            //           ValidAudience = "leedarson.com",//Audience
            //           ValidIssuer = "leedarson.com",//Issuer，这两项和前面签发jwt的设置一致
            //           IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(ConfigurationManager.AppSettings["SecurityKey"]))//拿到SecurityKey
            //       };
            //   });
            services.AddAuthentication("Bearer")
              .AddJwtBearer("Bearer", options =>
              {
                  options.Authority = ConfigurationManager.AppSettings["IdentityServer"];
                  options.RequireHttpsMetadata = false;
                  options.Audience = ConfigurationManager.AppSettings["Scope"];
              });
        }
    }
}