Issue adding OAuth Bearer authorization policy to ASP.Net 5 application

Question

I am building a REST API using OAuth Bearer tokens as my method of authentication. So, I attempted to add an authorization policy so that I could do something like [A

Answer 1

Update: in recent betas, configuring security options from ConfigureServices is no longer possible (except for Identity). You now need to directly configure the JWT options when calling app.UseJwtBearerAuthentication():

public void Configure(IApplicationBuilder app) {
    app.UseJwtBearerAuthentication(options => {
        // Configure the JWT options here.
    });
}

---

You forgot to add the OAuth2 bearer authentication middleware in your pipeline:

public void Configure(IApplicationBuilder app, IHostingEnvironment env) {
    app.UseStaticFiles();

    app.UseOAuthBearerAuthentication();

    app.UseIdentity();

    app.UseMvc(routes => {
        routes.MapRoute(
            name: "default",
            template: "api/{controller}/{action}/{id?}",
            defaults: new {
                controller = "Home",
                action = "Index"

            });
    });
}

You're also not using the recommended approach to register the settings used by the OAuth2 bearer middleware:

public void ConfigureServices(IServiceCollection services) {
    // Not recommended approach.
    services.AddInstance(new OAuthBearerAuthenticationOptions { });

    // Recommended approach.
    services.ConfigureOAuthBearerAuthentication(options => {
        // Configure the options used by the OAuth2 bearer middleware.
    });
}