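/// <summary>
/// Rebuilds a <see cref="ResourceDescriptor"/> from its serialized text form.
/// </summary>
/// <remarks>
/// The text must hold exactly two fields separated by a form feed ('\f'):
/// the expiry time, then the item descriptors separated by vertical tabs ('\v').
/// Any missing or malformed input yields <c>null</c>, so callers that check the
/// result for null fail closed instead of receiving an exception.
/// </remarks>
/// <param name="str">Serialized descriptor text.</param>
/// <returns>The parsed descriptor, or <c>null</c> when the text cannot be parsed.</returns>
public static ResourceDescriptor FromString(string str)
{
    // A null reference used to surface as a NullReferenceException from Split.
    if (string.IsNullOrEmpty(str))
    {
        return null;
    }

    var arr = str.Split('\f');
    if (arr.Length != 2)
    {
        return null;
    }

    // TryParse rather than Parse: an unparsable expiry is treated like any other
    // malformed descriptor (null) instead of throwing FormatException at the caller.
    // The parse stays culture-sensitive, as before, so it keeps matching whatever
    // produced the text.
    // NOTE(review): the serializer is not visible here — confirm it writes the
    // date in a culture-independent, round-trippable form.
    DateTime expireDt;
    if (!DateTime.TryParse(arr[0], out expireDt))
    {
        return null;
    }

    ResourceDescriptor resourceDescriptor = new ResourceDescriptor();
    resourceDescriptor._expireDt = expireDt;

    // Items that fail to parse come back as null and are dropped, so the
    // descriptor can only end up with fewer item entries, never extra ones.
    resourceDescriptor._resourceItemDescriptors = arr[1]
        .Split('\v')
        .Select(t => ResourceItemDescriptor.FromString(t))
        .Where(t => t != null)
        .ToList();

    return resourceDescriptor;
}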
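/// <summary>
/// Requests an operation token for the described resources and stores the grant.
/// </summary>
/// <param name="resourceDescriptor">Description of the resources the token should allow operating on.</param>
/// <param name="regToken">Token of the registering client. This implementation does not read it.</param>
/// <returns>The issued token: 32 lowercase hexadecimal characters.</returns>
public async Task<string> RegisterAsync(ResourceDescriptor resourceDescriptor, string regToken)
{
    // The returned value is a bearer credential, so it is drawn from the
    // cryptographic RNG instead of Guid.NewGuid(), which is an identifier
    // generator and not documented as suitable for secrets. The output keeps
    // the shape of Guid.ToString("N") (32 lowercase hex digits), so stored
    // column sizes and clients are unaffected.
    byte[] tokenBytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(tokenBytes);
    }

    string tokenValue = BitConverter.ToString(tokenBytes)
        .Replace("-", string.Empty)
        .ToLowerInvariant();

    // NOTE(review): regToken is not checked here, so any authorization of the
    // registering client has to happen before this call — confirm at the call site.
    ResourceGrantInfo resourceGrantInfo = new ResourceGrantInfo
    {
        Token = tokenValue,
        CreateDt = DateTime.Now,
        ExpireDt = resourceDescriptor.GetExpireDt(),
        ResourceDescriptor = resourceDescriptor.ToString(),
        UseTimes = 0
    };

    _dbContext.Set<ResourceGrantInfo>().Add(resourceGrantInfo);
    await _dbContext.SaveChangesAsync();

    return resourceGrantInfo.Token;
}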
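/// <summary>
/// Checks whether a token may perform an action on a resource.
/// </summary>
/// <param name="token">Token previously issued for a stored grant.</param>
/// <param name="resourceName">Resource name.</param>
/// <param name="action">Action to perform.</param>
/// <returns>
/// <c>false</c> when the token is blank, no grant matches it, the grant or its
/// descriptor has expired, or the stored descriptor cannot be parsed; otherwise
/// the result of the descriptor's own check for the resource and action.
/// </returns>
public async Task<bool> IsValidAsync(string token, string resourceName, string action)
{
    // Reject blank tokens before querying: a null or empty lookup value must
    // never be able to match a grant row whose Token column is null or empty.
    if (string.IsNullOrWhiteSpace(token))
    {
        return false;
    }

    var resourceGrantInfo = await _dbContext.Set<ResourceGrantInfo>()
        .FirstOrDefaultAsync(t => t.Token == token);

    // One timestamp for both expiry checks, so they are judged against the same instant.
    DateTime now = DateTime.Now;
    if (resourceGrantInfo == null || resourceGrantInfo.ExpireDt < now)
    {
        return false;
    }

    // The expiry is stored twice (grant row and serialized descriptor); both must still be valid.
    var resourceDescriptor = ResourceDescriptor.FromString(resourceGrantInfo.ResourceDescriptor);
    if (resourceDescriptor == null || resourceDescriptor.GetExpireDt() < now)
    {
        return false;
    }

    // This method only reads the grant; it does not save any change to it.
    return resourceDescriptor.IsValid(resourceName, action);
}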
/// <summary>
/// Checks whether a signed token may perform an action on a resource.
/// </summary>
/// <param name="token">Signed token string presented by the caller.</param>
/// <param name="resourceName">Resource name.</param>
/// <param name="action">Action to perform.</param>
/// <returns>
/// <c>false</c> when token validation throws, the descriptor claim is missing or
/// blank, or the descriptor cannot be parsed or has expired; otherwise the result
/// of the descriptor's own check for the resource and action.
/// </returns>
public async Task<bool> IsValidAsync(string token, string resourceName, string action)
{
    // NOTE(review): issuer and audience are not validated and no signature
    // algorithm is pinned in these parameters, so any token signed with
    // _secretKey that carries the descriptor claim is accepted — confirm the
    // key is not shared with other token types.
    var validationParameters = new TokenValidationParameters
    {
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_secretKey)),
        ValidateIssuer = false,   // issuer is not checked
        ValidateAudience = false, // audience is not checked
        ValidateLifetime = true,  // expiry is checked (clock skew left at the library default)
    };

    ClaimsPrincipal principal;
    try
    {
        SecurityToken validatedToken;
        principal = new JwtSecurityTokenHandler().ValidateToken(token, validationParameters, out validatedToken);
    }
    catch (Exception)
    {
        // Fail closed: every validation failure is reported as "not valid".
        return false;
    }

    var descriptorClaim = principal.Claims.FirstOrDefault(c => c.Type == "stm/auth/token");
    var descriptorText = descriptorClaim?.Value;
    if (string.IsNullOrWhiteSpace(descriptorText))
    {
        return false;
    }

    var descriptor = ResourceDescriptor.FromString(descriptorText);

    // The descriptor carries its own expiry, compared against the current time
    // in addition to the token lifetime validated above.
    bool missingOrExpired = descriptor == null || descriptor.GetExpireDt() < DateTime.Now;
    if (missingOrExpired)
    {
        return false;
    }

    return descriptor.IsValid(resourceName, action);
}
/// <summary>
/// Requests an operation token for the described resources, issued as a signed token.
/// </summary>
/// <param name="resourceDescriptor">Description of the resources the token should allow operating on.</param>
/// <param name="regToken">Token of the registering client. This implementation does not read it.</param>
/// <returns>The serialized signed token.</returns>
public async Task<string> RegisterAsync(ResourceDescriptor resourceDescriptor, string regToken)
{
    // The serialized descriptor travels in a single claim. Only signing
    // credentials are supplied below (HMAC-SHA256), no encryption.
    var descriptorClaims = new[]
    {
        new Claim("stm/auth/token", resourceDescriptor.ToString())
    };

    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_secretKey));
    var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

    // Valid from now until the descriptor's own expiry; issuer and audience are left unset.
    DateTime notBefore = DateTime.Now;
    var expires = resourceDescriptor.GetExpireDt();
    var jwt = new JwtSecurityToken(
        null,
        null,
        descriptorClaims,
        notBefore,
        expires,
        signingCredentials);

    // No await in this body: the work completes synchronously inside the returned task.
    // NOTE(review): regToken is not checked here — confirm the caller authorizes the client.
    return new JwtSecurityTokenHandler().WriteToken(jwt);
}