码迷,mamicode.com
首页 > Web开发 > 详细

Asp.net Core JsonWebToken记录

时间:2020-01-18 22:49:12      阅读:125      评论:0      收藏:0      [点我收藏+]

标签:def   log   time   hex   DDM   header   add   bapi   ons   

nuget 引入 Microsoft.AspNetCore.Authentication.JwtBearer

Startup中

 app.UseAuthentication();
      #region JWT
            //读取配置文件
            services.Configure<TokenManagement>(Configuration.GetSection("tokenManagement"));
            var token = Configuration.GetSection("tokenManagement").Get<TokenManagement>();
            //注入JWT
            services.AddAuthentication(x =>
            {
                x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            }).AddJwtBearer(x =>
            {
                x.RequireHttpsMetadata = false;
                x.SaveToken = true;
                x.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(token.Secret)),
                    ValidIssuer = token.Issuer,
                    ValidAudience = token.Audience,
                    ValidateIssuer = false,
                    ValidateAudience = false
                };

            });
            //权限注入
            services.AddScoped<IAuthenticateService, TokenAuthenticationService>();
            //验证是否有权限
            services.AddScoped<IUserService, UserService>();
            #endregion

  appsettings.json 中配置文件

 "tokenManagement": {
    "secret": "123456123456123456", //发现HS256算法的秘钥长度最新为128位,转换成字符至少16字符
    "issuer": "webapi.cn",
    "audience": "WebApi",
    "accessExpiration": 30,
    "refreshExpiration": 60
  }
//jwt实体配置
public
class TokenManagement { [JsonProperty("secret")] public string Secret { get; set; } [JsonProperty("issuer")] public string Issuer { get; set; } [JsonProperty("audience")] public string Audience { get; set; } [JsonProperty("accessExpiration")] public int AccessExpiration { get; set; } [JsonProperty("refreshExpiration")] public int RefreshExpiration { get; set; } }
//登陆验证返回token信息
public bool IsAuthenticated(LoginRequestDTO request, out string token) { token = string.Empty; if (!_userService.IsValid(request)) return false; var claims = new[] { new Claim(ClaimTypes.Name,request.Username) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_tokenManagement.Secret)); var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var jwtToken = new JwtSecurityToken(_tokenManagement.Issuer, _tokenManagement.Audience, claims, expires: DateTime.Now.AddMinutes(_tokenManagement.AccessExpiration), signingCredentials: credentials); token = new JwtSecurityTokenHandler().WriteToken(jwtToken); return true; }
//获取token 信息
public static LoginRequestDTO UserInfo(this HttpContext httpcontent) { LoginRequestDTO user = null; var data = httpcontent.Request; var handerResult = httpcontent.Request.Headers["Authorization"].ToString().Replace("Bearer ", ""); if (!string.IsNullOrEmpty(handerResult)) { var dataResult = Validate(handerResult, payLoad => { user = new LoginRequestDTO(); user.Username = payLoad[ClaimTypes.Name]?.ToString(); return true; }); } return user; } public static bool Validate(string encodeJwt, Func<Dictionary<string, object>, bool> validatePayLoad) { var success = true; var jwtArr = encodeJwt.Split(.); var header = JsonConvert.DeserializeObject<Dictionary<string, object>>(Base64UrlEncoder.Decode(jwtArr[0])); var payLoad = JsonConvert.DeserializeObject<Dictionary<string, object>>(Base64UrlEncoder.Decode(jwtArr[1])); //配置信息 var hs256 = new HMACSHA256(Encoding.ASCII.GetBytes("123456123456123456")); //首先验证签名是否正确(必须的) success = success && string.Equals(jwtArr[2], Base64UrlEncoder.Encode(hs256.ComputeHash(Encoding.UTF8.GetBytes(string.Concat(jwtArr[0], ".", jwtArr[1]))))); if (!success) { return success;//签名不正确直接返回 } //其次验证是否在有效期内(也应该必须) var now = ToUnixEpochDate(DateTime.UtcNow); success = success && (now < long.Parse(payLoad["exp"].ToString())); //再其次 进行自定义的验证 success = success && validatePayLoad(payLoad); return success; } public static long ToUnixEpochDate(DateTime date) => (long)Math.Round((date.ToUniversalTime() - new DateTimeOffset(1970, 1, 1, 0, 0, 0, TimeSpan.Zero)).TotalSeconds);

Asp.net Core JsonWebToken记录

标签:def   log   time   hex   DDM   header   add   bapi   ons   

原文地址:https://www.cnblogs.com/zxp6/p/12210544.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!