How to use JWT authorization？

[yaugkeer]

In another grpc project grpc-dotnet, in server side, there is a method which is generated by proto compiler use token as a parameter.
[https://github.com/grpc/grpc-dotnet/tree/master/examples/Ticketer]
In client side, it can be used like below:
Metadata? headers = null;
if (token != null)
{
headers = new Metadata();
headers.Add("Authorization", $"Bearer {token}");
}

var response = await client.BuyTicketsAsync(new BuyTicketsRequest { Count = 1 }, headers);

The mothed BuyTicketsAsync is generated by proto compiler because it use .proto in server-side , but we have no .proto files.
Its original method has a "Authorize" attribute, like below:
Can I use the Authorize attibute like that using serviceModel.grpc?
[Authorize]
public override Task BuyTickets(BuyTicketsRequest request, ServerCallContext context)
{
var user = context.GetHttpContext().User;

return Task.FromResult(new BuyTicketsResponse
{
    Success = _ticketRepository.BuyTickets(user.Identity!.Name!, request.Count)
});

}

[max-ieremenko]

Can I use the Authorize attibute like that using serviceModel.grpc?

If your service expects only authorized requests, you should. See example, https://github.com/max-ieremenko/ServiceModel.Grpc/tree/master/Examples/JsonWebTokenAuthentication

[yaugkeer]

But I don't use WebApplicationBuilder to host, I use IHostBuilder. So there is no HttpContext.
In the example above, it use HttpContext:
And other examples all use the HttpContextAccessor, I can't find an exception.
private string GetHttpContextUserName()
{
var identity = _httpContextAccessor.HttpContext!.User.Identity;
return identity?.IsAuthenticated == true ? identity.Name! : "";
}

[max-ieremenko]

In your case there is HttpContext

Host
  .CreateDefaultBuilder()
  .ConfigureServices(services =>
  {
	services.AddHttpContextAccessor();
  });

[yaugkeer]

I have the similar code:
but it has no impact, even though I changed it to: services.AddHttpContextAccessor();
`return Host
.CreateDefaultBuilder(args)
.ConfigureServices(services =>
{
PersonModule.ConfigureServices(services);
LexModule.ConfigureServices(services);
services.AddTransient();
services.AddTransient();
services.AddTransient<IHttpContextAccessor, HttpContextAccessor>();

//services.AddJwtBearerAuthentication();
services.AddHostedService(serviceProvider => new ServerHost(serviceProvider));

})
.Build()
.RunAsync();`

[max-ieremenko]

Could you share the project or create a small one?

[yaugkeer]

I have a project(console project, whether it is the point, because it is not ASP.NET project.) that base on another open source project, the main method in program.cs:

static Task Main(string[] args)
{
    ServerHost.InitializeNop(["%LAUNCHER_PATH%"]);

    return Host
    .CreateDefaultBuilder(args)
    .ConfigureServices(services =>
    {
        PersonModule.ConfigureServices(services);
        LexModule.ConfigureServices(services);
        services.AddTransient<ServerLoggerInterceptor>();
        services.AddTransient<DemoService>();
        services.AddTransient<IHttpContextAccessor, HttpContextAccessor>();

        //services.AddJwtBearerAuthentication();//
        services.AddHostedService(serviceProvider => new ServerHost(serviceProvider));
    })
    .Build()
    .RunAsync();
   }

ServerHost.InitializeNop:
The method is a main method even though it has no {} which is not a necessary thing. in another open project( asp.net core web API , maybe this is a another point, coz I use it in console project)
But I comment the last line, which start ASP.NET CORE

public static void InitializeNop(string[] args)
{
    var builder = Microsoft.AspNetCore.Builder.WebApplication.CreateBuilder(args);
    
    builder.Configuration.AddJsonFile(NopConfigurationDefaults.AppSettingsFilePath, true, true);
    if (!string.IsNullOrEmpty(builder.Environment?.EnvironmentName))
    {
        var path = string.Format(NopConfigurationDefaults.AppSettingsEnvironmentFilePath, builder.Environment.EnvironmentName);
        builder.Configuration.AddJsonFile(path, true, true);
    }
    builder.Configuration.AddEnvironmentVariables();
    
    //load application settings
    builder.Services.ConfigureApplicationSettings(builder);
    
    var appSettings = Singleton<AppSettings>.Instance;
    var useAutofac = appSettings.Get<CommonConfig>().UseAutofac;
    
    if (useAutofac)
        builder.Host.UseServiceProviderFactory(new AutofacServiceProviderFactory());
    else
        builder.Host.UseDefaultServiceProvider(options =>
        {
            //we don't validate the scopes, since at the app start and the initial configuration we need 
            //to resolve some services (registered as "scoped") through the root container
            options.ValidateScopes = false;
            options.ValidateOnBuild = true;
        });
    
    //add services to the application and configure service provider
    builder.Services.ConfigureApplicationServices(builder);//
    
    // enable ServiceModel.Grpc
    builder.Services.AddServiceModelGrpc();
    
    builder.Services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
    builder.Services.AddSingleton<IDemoService, DemoService>();
    
    builder.Services.AddAuthorization(options =>
    {
        options.FallbackPolicy = new AuthorizationPolicyBuilder()
            .RequireAuthenticatedUser()
            .Build();
    });
    
    builder.Services
        .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(options =>
        {
            options.RequireHttpsMetadata = false; // WARN: insecure connection should be used only in development environments
            options.SaveToken = false;
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateLifetime = false,
                ValidateAudience = false,
                ValidateIssuer = false,
                ValidateActor = false,
    
                // dummy key, only for demo purposes, must be synchronized with Client
                IssuerSigningKey = new SymmetricSecurityKey(new byte[256 / 8])
            };
        });
    
    var app = builder.Build();
    
    app
    .UseRouting()
    .UseAuthentication()
    .UseAuthorization();
    
    // host DemoService, gRPC endpoint will be generated at runtime by ServiceModel.Grpc
    app.MapGrpcService<DemoService>();
    
    //configure the application HTTP request pipeline  
    app.ConfigureRequestPipeline();
    app.StartEngine();
    
    //app.Run();//
}

public ServerHost(IServiceProvider serviceProvider)
{
    _server = new Server
    {
        Ports =
        {
            new ServerPort("localhost", SharedConfiguration.NativegRPCPersonServicePort, ServerCredentials.Insecure),
            new ServerPort("localhost", SharedConfiguration.NativegRPCLexServicePort, ServerCredentials.Insecure),
            new ServerPort("localhost", 8092, ServerCredentials.Insecure)
        }
    };
    _server.Services.AddServiceModel<PersonService>(
        serviceProvider,
        options =>
        {
            options.ConfigureServiceDefinition = definition =>
            {
                var interceptor = options.ServiceProvider!.GetRequiredService<ServerLoggerInterceptor>();
                return definition.Intercept(interceptor);
            };
        });

    _server.Services.AddServiceModel<LexService>(
        serviceProvider,
        options =>
        {
            options.ConfigureServiceDefinition = definition =>
            {
                var interceptor = options.ServiceProvider!.GetRequiredService<ServerLoggerInterceptor>();
                return definition.Intercept(interceptor);
            };
        });
    _server.Services.AddServiceModel<DemoService>(
        serviceProvider,
        options =>
        {
            options.ConfigureServiceDefinition = definition =>
            {
                var interceptor = options.ServiceProvider!.GetRequiredService<ServerLoggerInterceptor>();
                return definition.Intercept(interceptor);
            };
        });
}

[max-ieremenko]

The first example is based on Grpc.Core.Server, which is kind of deprecated.
builder.Services.AddAuthentication.AddJwtBearer will also not work with Grpc.Core.Server out of the box.

The second example is based on Grpc.AspNetCore.Server and ASP.NET where you have all functionality out of the box.
This is a good choice if you do not have strong restrictions against ASP.NET.

[yaugkeer]

Thanks, I have change it to Grpc.AspNetCore.Server.
It runs good.

[yaugkeer]

max-ieremenko gave the answer for my question.