Once NuGet is done, open the Startup.cs file, scroll down until we reach the ConfigureServices method, and add the Facebook service in the following way (relevant lines are highlighted):
[...]
// Add Authentication
services.AddAuthentication(opts =>
{
opts.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
opts.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
opts.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
// Add Jwt token support
.AddJwtBearer(cfg =>
{
cfg.RequireHttpsMetadata = false;
cfg.SaveToken = true;
cfg.TokenValidationParameters = new TokenValidationParameters()
{
// standard configuration
ValidIssuer = Configuration["Auth:Jwt:Issuer"],
IssuerSigningKey = new SymmetricSecurityKey(
Encoding.UTF8.GetBytes(Configuration["Auth:Jwt:Key"])),
ValidAudience = Configuration["Auth:Jwt:Audience"],
ClockSkew = TimeSpan.Zero,
// security switches
RequireExpirationTime = true,
ValidateIssuer = true,
ValidateIssuerSigningKey = true,
ValidateAudience = true
};
cfg.IncludeErrorDetails = true;
})
// Add Facebook support
.AddFacebook(opts =>
{
opts.AppId = Configuration["Auth:Facebook:AppId"];
opts.AppSecret = Configuration["Auth:Facebook:AppSecret"];
});
[...]
We already knew that the authentication services can be chained; we already did that with our JwtBearer service back in Chapter 8, Authentication and Authorization. While we were there, we also took the chance to update the source code comments to better explain what's going on.
Note that we only used a small set of the available FacebookOptions supported by the service; to know more about them, we strongly suggest to take a look at the official API reference at https://docs.microsoft.com/aspnet/core/api/microsoft.aspnetcore.builder.facebookoptions.