C# json web token

一、安装Jwt

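 Install-Package System.IdentityModel.Tokens.Jwt -Version 5.2.4

 注意:5.2.4 是本文写作时(2018 年)使用的版本,此后该库已发布多个包含安全修复的新版本。实际项目中请安装当前受支持的版本,并确认下文用到的 API(例如 JsonWebTokenHandler.CreateToken 的参数类型)在所选版本中是否有变化。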

 

二、新建帮助类创建token和验证token

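    /// <summary>
    /// Demo helper that issues and validates RS256-signed JSON Web Tokens.
    /// </summary>
    /// <remarks>
    /// The RSA key pair is generated in memory the first time it is needed and lives only as long
    /// as the process. Tokens issued before a restart, or by another server instance, will
    /// therefore fail validation.
    ///
    /// The original listing also carried a commented-out JsonWebKey literal that included the
    /// private parameters (D, P, Q, DP, DQ, QI) and suggested saving the generated key as a
    /// constant. Key material that has appeared in source code or on a web page must be treated
    /// as compromised and never reused. If tokens have to survive restarts, load the key from a
    /// protected store (certificate store, key vault, protected configuration) rather than from a
    /// source constant.
    /// </remarks>
    public class JwtHelper
    {
        // Lazy<T> defaults to thread-safe, run-once initialization. The previous
        // "if (_credentials == null)" check could let two concurrent first callers create two
        // different key pairs, so a token signed with one key was later checked against the other.
        private static readonly Lazy<JsonWebKey> _jsonWebKey =
            new Lazy<JsonWebKey>(CreateRsaJsonWebKey);

        private static readonly Lazy<SigningCredentials> _credentials =
            new Lazy<SigningCredentials>(
                () => new SigningCredentials(JsonWebKeyRsa256, SecurityAlgorithms.RsaSha256, SecurityAlgorithms.Sha256));

        /// <summary>
        /// The process-wide RSA key as a JSON Web Key. The same instance is returned on every
        /// access (the getter used to generate a fresh key pair per call).
        /// </summary>
        /// <remarks>
        /// This JWK carries the private parameters as well as the public ones. Do not serialize
        /// it into responses, logs or configuration that other parties can read; a service that
        /// only verifies tokens needs just the public part (N and E).
        /// </remarks>
        public static JsonWebKey JsonWebKeyRsa256
        {
            get { return _jsonWebKey.Value; }
        }

        private static SigningCredentials Credentials
        {
            get { return _credentials.Value; }
        }

        /// <summary>
        /// DateTime as UTC for UnixEpoch
        /// </summary>
        public static readonly DateTime UnixEpoch = new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);

        /// <summary>
        /// Converts a date to whole seconds since the Unix epoch, the form used for the
        /// nbf and exp claims. (The original author copied this routine from the library source.)
        /// </summary>
        /// <param name="datetime">Date to convert; non-UTC values are converted to UTC first.</param>
        /// <returns>Seconds since 1970-01-01T00:00:00Z, or 0 for dates at or before the epoch.</returns>
        public static long GetIntDate(DateTime datetime)
        {
            DateTime dateTimeUtc = datetime.Kind == DateTimeKind.Utc
                ? datetime
                : datetime.ToUniversalTime();

            if (dateTimeUtc <= UnixEpoch)
            {
                return 0;
            }

            return (long)(dateTimeUtc - UnixEpoch).TotalSeconds;
        }

        /// <summary>
        /// Creates a signed token with fixed demo claims.
        /// </summary>
        /// <returns>The serialized, signed token.</returns>
        public static string CreateToken()
        {
            var tokenHandler = new JsonWebTokenHandler();

            // Take one UTC timestamp so nbf and exp are derived from the same instant.
            DateTime issuedAt = DateTime.UtcNow;

            // Demo identity: every claim below is a hard-coded sample value. A real issuer fills
            // these from the authenticated user and keeps the lifetime as short as the use case allows.
            var payload = new JObject()
            {
                { "phone", "13211212112" },
                { JwtRegisteredClaimNames.Email, "Bob@contoso.com" },
                { JwtRegisteredClaimNames.GivenName, "Bob" },
                { JwtRegisteredClaimNames.Iss, "issuer" },
                { JwtRegisteredClaimNames.Aud, "audience" },
                { JwtRegisteredClaimNames.Nbf, GetIntDate(issuedAt) },                   // not valid before
                { JwtRegisteredClaimNames.Exp, GetIntDate(issuedAt.AddSeconds(30000)) }  // expires (~8.3 hours later)
            };

            return tokenHandler.CreateToken(payload, Credentials);
        }

        /// <summary>
        /// Validates signature, issuer, audience and lifetime of a token, then checks the
        /// demo email claim.
        /// </summary>
        /// <param name="accessToken">Serialized token as received from the caller.</param>
        /// <returns>
        /// <c>true</c> only when every check passes; any failure, including an unexpected
        /// exception, yields <c>false</c> (fail closed).
        /// </returns>
        public static bool ValidateToken(string accessToken = "")
        {
            // Nothing to validate; reject before touching the handler.
            if (string.IsNullOrWhiteSpace(accessToken))
            {
                return false;
            }

            try
            {
                var tokenHandler = new JsonWebTokenHandler();
                var tokenValidationParameters = new TokenValidationParameters()
                {
                    ValidAudience = "audience",
                    ValidIssuer = "issuer",
                    IssuerSigningKey = Credentials.Key,
                    ValidateLifetime = true,
                    ValidateAudience = true,
                    ValidateIssuer = true,
                    // These two are the library defaults; stated so that unsigned or
                    // non-expiring tokens are visibly rejected.
                    RequireSignedTokens = true,
                    RequireExpirationTime = true
                };

                var tokenValidationResult = tokenHandler.ValidateToken(accessToken, tokenValidationParameters);

                // NOTE(review): newer releases of the library appear to report failures through
                // the result object instead of throwing - confirm for the version in use. The
                // explicit null checks keep this method failing closed in either case.
                var jsonWebToken = tokenValidationResult == null
                    ? null
                    : tokenValidationResult.SecurityToken as JsonWebToken;
                if (jsonWebToken == null)
                {
                    return false;
                }

                // Retrieving a claim value that isn't provided as a JsonWebToken property.
                var email = jsonWebToken.Payload.Value<string>(JwtRegisteredClaimNames.Email);

                // string.Equals tolerates a missing (null) claim instead of relying on a
                // NullReferenceException being swallowed by the catch below.
                if (!string.Equals(email, "Bob@contoso.com", StringComparison.Ordinal))
                {
                    return false;
                }

                return true;
            }
            catch (Exception)
            {
                // Lifetime, signature and issuer/audience failures surface as exceptions here.
                // They are deliberately mapped to "invalid"; log them server-side if diagnostics
                // are needed, but do not echo the details back to the caller.
                return false;
            }
        }

        // Generates a fresh 2048-bit RSA key pair and converts it to a JWK.
        private static JsonWebKey CreateRsaJsonWebKey()
        {
            // The JWK holds the key parameters as strings, so the provider can be released once
            // the conversion is done. The unused ToXmlString(true) export of the private key
            // was dropped.
            using (var rsa = new RSACryptoServiceProvider(2048))
            {
                return JsonWebKeyConverter.ConvertFromRSASecurityKey(new RsaSecurityKey(rsa));
            }
        }
    }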

四、获取调用接口传递的token并验证
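        /// <summary>
        /// Rejects the request with a JSON error body unless the "token" request header carries
        /// a token that <c>JwtHelper.ValidateToken</c> accepts.
        /// </summary>
        /// <param name="filterContext">Authorization context of the current request.</param>
        /// <remarks>
        /// NOTE(review): the 401 is reported only inside the JSON body; the HTTP status code is
        /// left unchanged. Clients, proxies and monitoring that look at the status line will not
        /// see the rejection - confirm whether that is intended.
        /// </remarks>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            // The token travels in a custom request header named "token".
            var token = filterContext.HttpContext.Request.Headers["token"];

            if (string.IsNullOrWhiteSpace(token))
            {
                filterContext.Result = new JsonResult()
                {
                    Data = new { code = 401, msg = "未获取到身份认证信息!" },
                    // JsonResult refuses GET requests by default and throws when executed, which
                    // turned this rejection into a server error. The body is a fixed error
                    // object, so allowing GET is safe here.
                    JsonRequestBehavior = JsonRequestBehavior.AllowGet
                };
                return;
            }

            if (!JwtHelper.ValidateToken(token))
            {
                filterContext.Result = new JsonResult()
                {
                    Data = new { code = 401, msg = "身份验证失败!" },
                    JsonRequestBehavior = JsonRequestBehavior.AllowGet
                };
            }

            // Valid token: leave Result unset so the request continues to the action.
        }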

五、使用js或其它方法调用时,将token附加到请求的headers中(请求头名称为 token,需与上面过滤器中读取的名称一致)。token 相当于登录凭据,应只通过 HTTPS 传输。

 

 

posted @ 2018-08-31 16:58  Coder_小菜