Hi all,
I'm working on ASP.Net Core 3.1 for API development, and I was adding logic to validate Bearer tokens, I'm quite new on this and found out logic like this:
public static void AddAuthentication(this IServiceCollection services, IConfiguration config)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.Authority = "https://loremipsum.com";
options.RequireHttpsMetadata = true;
options.Audience = "LoremIpSum";
options.SaveToken = true;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateActor = true,
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
RequireExpirationTime = true,
ValidIssuer = "https://loremipsum.com",
NameClaimType = "name"
};
})
.AddCookie(options => options.SlidingExpiration = true);
}I was wondering, this allows me to specify some options, but how can I tell to validate tokens offline or online?
Or by default this provides logic only for online validation?
This might be a rookie question and it may be quite simple but I'm not following :(