public string GetToken(CurrentUserModel userModel)
{
string jtiCustom = Guid.NewGuid().ToString();//用来标识 Token
var claims = new[]
{
new Claim(ClaimTypes.Name, userModel.Name),
new Claim("jti", jtiCustom, ClaimValueTypes.String),
new Claim("EMail", userModel.EMail),
new Claim("Account", userModel.Account),
new Claim("Age", userModel.Age.ToString()),
new Claim("Id", userModel.Id.ToString()),
new Claim("Mobile", userModel.Mobile),
new Claim(ClaimTypes.Role, userModel.Role),
//new Claim("Role", userModel.Role),//这个不能角色授权
new Claim("Sex", userModel.Sex.ToString()) //各种信息拼装
};
string keyDir = Directory.GetCurrentDirectory();
if (RSAHelper.TryGetKeyParameters(keyDir, true, out RSAParameters keyParams) == false)
{
keyParams = RSAHelper.GenerateAndSaveKey(keyDir);
}
var credentials = new SigningCredentials(new RsaSecurityKey(keyParams), SecurityAlgorithms.RsaSha256Signature);
#region XML
//string privateKey = RSAHelper.GenerateAndSaveKey(keyDir);
//var RSA = new RSACryptoServiceProvider();
//RSA.FromXmlString(privateKey);
//var credentials = new SigningCredentials(new RsaSecurityKey(RSA), SecurityAlgorithms.RsaSha256Signature);
#endregion
var token = new JwtSecurityToken(
issuer: this._JWTTokenOptions.Issuer,
audience: this._JWTTokenOptions.Audience,
claims: claims,
expires: DateTime.Now.AddMinutes(60),//5分钟有效期
signingCredentials: credentials);
var handler = new JwtSecurityTokenHandler();
string tokenString = handler.WriteToken(token);
return(tokenString);
}
public string GetToken(CurrentUserModel userModel)
{
var claims = new[]
{
new Claim(ClaimTypes.Name, userModel.Name),
new Claim("EMail", userModel.EMail),
new Claim("Account", userModel.Account),
new Claim("Age", userModel.Age.ToString()),
new Claim("Id", userModel.Id.ToString()),
new Claim("Mobile", userModel.Mobile),
new Claim(ClaimTypes.Role, userModel.Role),
//new Claim("Role", userModel.Role),//这个不能角色授权
new Claim("Sex", userModel.Sex.ToString()) //各种信息拼装
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(this._JWTTokenOptions.SecurityKey));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
/**
* Claims (Payload)
* Claims 部分包含了一些跟这个 token 有关的重要信息。 JWT 标准规定了一些字段,下面节选一些字段:
*
* iss: The issuer of the token,token 是给谁的
* sub: The subject of the token,token 主题
* exp: Expiration Time。 token 过期时间,Unix 时间戳格式
* iat: Issued At。 token 创建时间, Unix 时间戳格式
* jti: JWT ID。针对当前 token 的唯一标识
* 除了规定的字段外,可以包含其他任何 JSON 兼容的字段。
* */
var token = new JwtSecurityToken(
issuer: this._JWTTokenOptions.Issuer,
audience: this._JWTTokenOptions.Audience,
claims: claims,
expires: DateTime.Now.AddMinutes(60), //5分钟有效期
notBefore: DateTime.Now.AddMinutes(1), //1分钟后有效
signingCredentials: creds);
string returnToken = new JwtSecurityTokenHandler().WriteToken(token);
return(returnToken);
}