Beispiel #1
0
        //取得使用者信息
        public User GetUser(string token)
        {
            var split     = token.Split('.');
            var iv        = split[0];
            var encrypt   = split[1];
            var signature = split[2];

            //检查签章是否正确
            if (signature != TokenCrypto.ComputeHMACSHA256(iv + "." + encrypt, key.Substring(0, 64)))
            {
                return(null);
            }

            //使用 AES 解密 Payload
            var base64  = TokenCrypto.AESDecrypt(encrypt, key.Substring(0, 16), iv);
            var json    = Encoding.UTF8.GetString(Convert.FromBase64String(base64));
            var payload = JsonConvert.DeserializeObject <Payload>(json);

            //检查是否过期
            if (payload.Exp < Convert.ToInt32(
                    (DateTime.Now - new DateTime(1970, 1, 1)).TotalSeconds))
            {
                return(null);
            }

            return(payload.Info);
        }
Beispiel #2
0
        //产生 Token
        public Token Create(User user)
        {
            var exp = 36000;   //过期时间(秒)

            //稍微修改 Payload 将使用着咨询和过期时间翻开
            var payload = new Payload
            {
                Info = user,
                //Unix 时间戳
                Exp = Convert.ToInt32((DateTime.Now.AddSeconds(exp) - new DateTime(1970, 1, 1)).TotalSeconds)
            };

            var json   = JsonConvert.SerializeObject(payload);
            var base64 = Convert.ToBase64String(Encoding.UTF8.GetBytes(json));
            var iv     = Guid.NewGuid().ToString().Replace("-", "").Substring(0, 16);

            //使用 AES 加密 Payload
            var encrypt = TokenCrypto.AESEncrypt(base64, key.Substring(0, 16), iv);

            //取得签章
            var signature = TokenCrypto.ComputeHMACSHA256(iv + "." + encrypt, key.Substring(0, 64));

            return(new Token
            {
                //Token 为 iv + encrypt + signature,并用 . 串联
                Access_token = iv + "." + encrypt + "." + signature,
                //Refresh Token 使用 Guid 产生
                Refresh_token = Guid.NewGuid().ToString().Replace("-", ""),
                Expires_in = exp,
            });
        }
Beispiel #3
0
        public ClaimsPrincipal GetPrincipal(string token)
        {
            var split     = token.Split('.');
            var iv        = split[0];
            var encrypt   = split[1];
            var signature = split[2];

            //檢查簽章是否正確
            if (signature != TokenCrypto.ComputeHMACSHA256($"{iv}.{encrypt}", Key.Substring(0, 64)))
            {
                return(null);
            }

            //使用 AES 解密 Payload
            var base64  = TokenCrypto.AESDecrypt(encrypt, Key.Substring(0, 16), iv);
            var json    = Encoding.UTF8.GetString(Convert.FromBase64String(base64));
            var payload = JsonConvert.DeserializeObject <Payload>(json);

            //檢查是否過期
            if (payload.exp < Convert.ToInt32(
                    (DateTime.Now - new DateTime(1970, 1, 1)).TotalSeconds))
            {
                return(null);
            }

            var claims = new ClaimsIdentity(
                new[]
            {
                new Claim(ClaimTypes.NameIdentifier, payload.info.EmployeeNo.ToString()),
                new Claim(ClaimTypes.Name, payload.info.UserName),
                new Claim("Account", payload.info.Account),
                new Claim(ClaimTypes.Email, payload.info.EmailAccount)
            });

            var result = new ClaimsPrincipal(claims);

            return(result);
        }
Beispiel #4
0
        public string GenerateToken(object identity, int expireMinutes = 20)
        {
            var exp = expireMinutes * 60;   //過期時間(秒)

            //稍微修改 Payload 將使用者資訊和過期時間分開
            var payload = new Payload
            {
                info = (User)identity,
                //Unix 時間戳
                exp = Convert.ToInt32((DateTime.Now.AddSeconds(exp) - new DateTime(1970, 1, 1)).TotalSeconds)
            };

            var json   = JsonConvert.SerializeObject(payload);
            var base64 = Convert.ToBase64String(Encoding.UTF8.GetBytes(json));
            var iv     = Guid.NewGuid().ToString().Replace("-", "").Substring(0, 16);

            //使用 AES 加密 Payload
            var encrypt = TokenCrypto.AESEncrypt(base64, Key.Substring(0, 16), iv);

            //取得簽章
            var signature = TokenCrypto.ComputeHMACSHA256($"{iv}.{encrypt}", Key.Substring(0, 64));

            return($"{iv}.{encrypt}.{signature}");
        }