devel0
diff --git a/‎src/backend/Extensions/Auth.cs
Lines changed: 15 additions & 43 deletions b/‎src/backend/Extensions/Auth.cs
Lines changed: 15 additions & 43 deletions
diff --git a/‎src/backend/Services/Implementations/Auth/AuthService.cs
Lines changed: 38 additions & 6 deletions b/‎src/backend/Services/Implementations/Auth/AuthService.cs
Lines changed: 38 additions & 6 deletions
@@ -73,14 +73,15 @@ public static void SetupApplicationCookie(this WebApplicationBuilder builder)
         builder.Services.ConfigureApplicationCookie(configure =>
         {
             configure.Cookie.Name = WEB_ApplicationCookieName;
-
-            builder.Environment.SetCookieOptions(configure.Cookie);
+            configure.Cookie.SecurePolicy = CookieSecurePolicy.Always;
+            configure.Cookie.HttpOnly = true;
+            configure.Cookie.SameSite = SameSiteMode.Strict;
         });
     }
 
     /// <summary>
     /// Add Identity provider with custom <see cref="ApplicationUser"/> user and system <see cref="IdentityRole"/> role management.
-    /// Add <see cref="ApplicationDbContext"/> ef store for the identities.
+    /// Add <see cref="AppDbContext"/> ef store for the identities.
     /// Add default token providers.
     /// </summary>        
     public static void SetupIdentityProvider(this IServiceCollection serviceCollection) => serviceCollection
@@ -101,11 +102,7 @@ public static List<string> GetRoles(this IEnumerable<Claim> claims) =>
         claims.Where(r => r.Type == ClaimTypes.Role).Select(w => w.Value).ToList();
 
     /// <summary>
-    /// Get JWT token validation parameters from given options and current configuration.
-    /// <seealso cref="CONFIG_KEY_JwtSettings_Issuer"/>
-    /// <seealso cref="CONFIG_KEY_JwtSettings_Audience"/>
-    /// <seealso cref="CONFIG_KEY_JwtSettings_Key"/>
-    /// <seealso cref="CONFIG_KEY_JwtSettings_ClockSkewSeconds"/>
+    /// Get JWT token validation parameters from given options and current configuration.    
     /// </summary>    
     /// <param name="validateIssuer">Will validate issuer (default: true).</param>
     /// <param name="validateAudience">Will validate audience (default: true).</param>
@@ -189,8 +186,16 @@ userManager is not null && logger is not null &&
                                 {
                                     var opts = new CookieOptions();
 
-                                    hostEnvironment.SetCookieOptions(builder.Configuration, opts, setExpiresAsRefreshToken: true);
-                                    context.HttpContext.Response.Cookies.Append(WEB_CookieName_XAccessToken, res.AccessToken, opts);
+                                    context.HttpContext.Response.Cookies.Append(
+                                        WEB_CookieName_XAccessToken,
+                                        res.AccessToken,
+                                        new CookieOptions
+                                        {
+                                            Secure = true,
+                                            HttpOnly = true,
+                                            SameSite = SameSiteMode.Strict,
+                                            Expires = DateTimeOffset.UtcNow + builder.Configuration.GetAppConfig().Auth.Jwt.AccessTokenDuration
+                                        });
 
                                     context.Principal = res.Principal;
                                     context.Success();
@@ -211,37 +216,4 @@ userManager is not null && logger is not null &&
 
         });
 
-    /// <summary>
-    /// Configure given CookieBuilder to set Secure, HttpOnly and Strict SameSite options on created cookies.    
-    /// </summary>
-    public static void SetCookieOptions(this IHostEnvironment environment, CookieBuilder cookieBuilder)
-    {
-        cookieBuilder.SecurePolicy = CookieSecurePolicy.Always;
-        cookieBuilder.HttpOnly = true;
-        cookieBuilder.SameSite = SameSiteMode.Strict;
-    }
-
-    /// <summary>
-    /// Configure given CookieOptions to set Secure, HttpOnly and Strict SameSite options on created cookies.    
-    /// </summary>
-    /// <param name="environment"></param>
-    /// <param name="configuration"></param>
-    /// <param name="cookieOptions"></param>
-    /// <param name="setExpiresAsRefreshToken">if true set expiration time as from JwtSettings:RefreshTokenDurationSeconds</param>    
-    public static void SetCookieOptions(this IHostEnvironment environment, IConfiguration configuration,
-         CookieOptions cookieOptions, bool setExpiresAsRefreshToken = false)
-    {
-        cookieOptions.Secure = true;
-        cookieOptions.HttpOnly = true;
-        cookieOptions.SameSite = SameSiteMode.Strict;
-
-        if (setExpiresAsRefreshToken)
-        {
-            var cookieDuration = configuration.GetAppConfig().Auth.Jwt.RefreshTokenDuration;
-
-            cookieOptions.Expires = DateTimeOffset.Now.Add(cookieDuration);
-        }
-    }
-
-
 }
@@ -1,3 +1,5 @@
+using Org.BouncyCastle.Bcpg.Sig;
+
 namespace ExampleWebApp.Backend.WebApi.Services.Auth;
 
 public class AuthService : IAuthService
@@ -150,9 +152,30 @@ public async Task<LoginResponseDto> LoginAsync(
 
         var userName = user.UserName!;
 
-        environment.SetCookieOptions(configuration, opts, setExpiresAsRefreshToken: true);
-        httpContext.Response.Cookies.Append(WEB_CookieName_XAccessToken, accessToken, opts);
-        httpContext.Response.Cookies.Append(WEB_CookieName_XRefreshToken, refreshTokenNfo.RefreshToken, opts);
+        var appConfig = configuration.GetAppConfig();
+
+        // environment.SetCookieOptions(configuration, opts, setExpiresAsRefreshToken: true);
+        httpContext.Response.Cookies.Append(
+            WEB_CookieName_XAccessToken,
+            accessToken,
+            new CookieOptions
+            {
+                Secure = true,
+                HttpOnly = true,
+                SameSite = SameSiteMode.Strict,
+                Expires = DateTimeOffset.UtcNow + appConfig.Auth.Jwt.AccessTokenDuration
+            });
+
+        httpContext.Response.Cookies.Append(
+            WEB_CookieName_XRefreshToken,
+            refreshTokenNfo.RefreshToken,
+            new CookieOptions
+            {
+                Secure = true,
+                HttpOnly = true,
+                SameSite = SameSiteMode.Strict,
+                Expires = DateTimeOffset.UtcNow + appConfig.Auth.Jwt.RefreshTokenDuration
+            });
 
         var roles = claims.GetRoles();
 
@@ -250,9 +273,18 @@ public async Task<RenewRefreshTokenResponse> RenewCurrentUserRefreshTokenAsync(C
             if (renewedRefreshTokenNfo is null)
                 return new RenewRefreshTokenResponse { Status = RenewRefreshTokenStatus.InvalidRefreshToken };
 
-            var opts = new CookieOptions();
-            environment.SetCookieOptions(configuration, opts, setExpiresAsRefreshToken: true);
-            httpContext.Response.Cookies.Append(WEB_CookieName_XRefreshToken, renewedRefreshTokenNfo.RefreshToken, opts);
+            // var opts = new CookieOptions();
+            // environment.SetCookieOptions(configuration, opts, setExpiresAsRefreshToken: true);
+            httpContext.Response.Cookies.Append(
+                WEB_CookieName_XRefreshToken,
+                renewedRefreshTokenNfo.RefreshToken,
+                new CookieOptions
+                {
+                    Secure = true,
+      
5D42
              HttpOnly = true,
+                    SameSite = SameSiteMode.Strict,
+                    Expires = DateTimeOffset.UtcNow + configuration.GetAppConfig().Auth.Jwt.RefreshTokenDuration
+                });
 
             return new RenewRefreshTokenResponse { Status = RenewRefreshTokenStatus.OK, RefreshTokenNfo = renewedRefreshTokenNfo };
         }