/// <summary>
/// 从本地文件中读取用来签发 Token 的 RSA Key
/// </summary>
/// <param name="filePath">存放密钥的文件夹路径</param>
/// <param name="withPrivate"></param>
/// <param name="keyParameters"></param>
/// <returns></returns>
public static bool TryGetKeyParameters(JupiterKeys keys, out RSAParameters keyParameters)
{
//keyParameters = default(RSAParameters);
keyParameters = JsonConvert.DeserializeObject <RSAParameters>(keys.PublicKey);
return(true);
}
public static void AddJwtBearerAuthentication(this IServiceCollection services, JupiterKeys keys)
{
if (!TryGetKeyParameters(keys, out RSAParameters keyParams))
{
throw new UnauthorizeException();
}
var key = new RsaSecurityKey(keyParams);
services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddCookie(cfg => cfg.SlidingExpiration = true)
.AddJwtBearer(x =>
{
x.RequireHttpsMetadata = true;
x.SaveToken = true;
x.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = key,
ValidateIssuer = true,
ValidIssuer = "Jupiter",
ValidateAudience = false,
};
});
}
