fix: Issuer default value from HttpContext

updated docs

Author: brunobritodev

README.md

@@ -80,7 +80,6 @@ Set your `appsettings.json` file with this values:
 
 ```json
 "AppJwtSettings": {
-    "Issuer": "https://my-application.com",
     "Audience": "MyApplication.Name"
 }
 ``` 
@@ -89,9 +88,10 @@ It's possible to configure some aspects of token
 |Key|Meaning|Default
 |--|--|---|
 |Expiration| Expiration time (in hours)  | 1 |
-|Issuer| The name of the JWT issuer  | NetDevPack.Identity |
-|Audience| The domain that the JWT will be valid | Api |
+|Issuer| The party that "created" the token and signed it with its private key. Usually the application Url  | Get current root Url from `HttpContext` |
+|Audience| API's that should accept the token. E.g your application Main name. | NetDevPack |
 |RefreshTokenExpiration  | Refresh token expiration (In Days) | 30 |
+|RefreshTokenType  | `OneTime` or `ReUse` | 30 |
 |SecretKey `Deprecated`  | Is your key to build JWT. **Read notes**| Do not use it |
 
 >**Note:** Now we are using [NetDevPack.Security.Jwt](https://github.com/NetDevPack/Security.Jwt) to generate and Store your keys. It generate a RSA 2048 by default. You can check the project for more info.

src/NetDevPack.Identity/Jwt/JwtBuilderInject.cs

@@ -5,6 +5,7 @@
 using System.Security.Claims;
 using System.Text;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.Options;
 using Microsoft.IdentityModel.JsonWebTokens;
@@ -25,6 +26,7 @@ internal class JwtBuilderInject<TIdentityUser, TKey> : IJwtBuilder
     private readonly UserManager<TIdentityUser> _userManager;
     private readonly IOptions<AppJwtSettings> _settings;
     private readonly IJwtService _jwtService;
+    private readonly IHttpContextAccessor _httpContext;
 
     private ICollection<Claim> _userClaims;
     private ICollection<Claim> _jwtClaims;
@@ -43,11 +45,16 @@ internal class JwtBuilderInject<TIdentityUser, TKey> : IJwtBuilder
     private bool _useDefaultJwtClaims;
     private TIdentityUser _user;
 
-    public JwtBuilderInject(UserManager<TIdentityUser> userManager, IOptions<AppJwtSettings> settings, IJwtService jwtService)
+    public JwtBuilderInject(
+        UserManager<TIdentityUser> userManager, 
+        IOptions<AppJwtSettings> settings, 
+        IJwtService jwtService, 
+        IHttpContextAccessor httpContext)
     {
         _userManager = userManager;
         _settings = settings;
         _jwtService = jwtService;
+        _httpContext = httpContext;
         _userClaims = new List<Claim>();
         _jwtClaims = new List<Claim>();
         _identityClaims = new ClaimsIdentity();
@@ -128,9 +135,13 @@ public async Task<string> BuildRefreshToken()
 
         var handler = new JwtSecurityTokenHandler();
 
+        var issuer = _settings.Value.Issuer;
+        if (string.IsNullOrEmpty(issuer))
+            issuer = $"{_httpContext.HttpContext.Request.Scheme}://{_httpContext.HttpContext.Request.Host}";
+
         var securityToken = handler.CreateToken(new SecurityTokenDescriptor
         {
-            Issuer = _settings.Value.Issuer,
+            Issuer = issuer,
             Audience = _settings.Value.Audience,
             SigningCredentials = key,
             Subject = identityClaims,
@@ -185,10 +196,13 @@ public async Task<string> BuildToken()
             _identityClaims.AddClaims(_userClaims);
         }
 
+        var issuer = _settings.Value.Issuer;
+        if (string.IsNullOrEmpty(issuer))
+            issuer = $"{_httpContext.HttpContext.Request.Scheme}://{_httpContext.HttpContext.Request.Host}";
 
         var token = tokenHandler.CreateToken(new SecurityTokenDescriptor
         {
-            Issuer = _settings.Value.Issuer,
+            Issuer = issuer,
             Audience = _settings.Value.Audience,
             Subject = _identityClaims,
             Expires = DateTime.UtcNow.AddHours(_settings.Value.Expiration),

src/NetDevPack.Identity/JwtBuilderExtensions.cs

@@ -17,17 +17,17 @@ public static class JwtBuilderExtensions
     public static IJwksBuilder UseNetDevPackIdentity<TIdentityUser, TKey>(this IServiceCollection services) where TIdentityUser : IdentityUser<TKey> where TKey : IEquatable<TKey>
     {
         services.TryAddScoped<IJwtBuilder, JwtBuilderInject<TIdentityUser, TKey>>();
-        return services.AddJwksManager();
+        return services.AddHttpContextAccessor().AddJwksManager();
     }
     public static IJwksBuilder UseNetDevPackIdentity<TIdentityUser>(this IServiceCollection services) where TIdentityUser : IdentityUser
     {
         services.TryAddScoped<IJwtBuilder, JwtBuilderInject<TIdentityUser, string>>();
-        return services.AddJwksManager();
+        return services.AddHttpContextAccessor().AddJwksManager();
     }
     public static IJwksBuilder UseNetDevPackIdentity(this IServiceCollection services)
     {
         services.TryAddScoped<IJwtBuilder, JwtBuilderInject<IdentityUser, string>>();
-        return services.AddJwksManager();
+        return services.AddHttpContextAccessor().AddJwksManager();
     }
 
     public static IdentityBuilder AddIdentityConfiguration(this IServiceCollection services)

src/NetDevPack.Identity/NetDevPack.Identity.csproj

@@ -22,7 +22,7 @@
 
   <ItemGroup Condition="'$(TargetFramework)' == 'netcoreapp3.1'">
     <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="3.1.24" />
-    <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="3.1.15" />
+    <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="3.1.24" />
   </ItemGroup>
 
   <ItemGroup Condition="'$(TargetFramework)' == 'net5.0'">