protected override bool IsAuthorized(HttpActionContext actionContext) { //获取header中关于auth的参数 var authHeader = from t in actionContext.Request.Headers where t.Key == "auth" select t.Value.FirstOrDefault(); if (authHeader != null) { string token = authHeader.FirstOrDefault(); if (!string.IsNullOrWhiteSpace(token)) { try { const string secret = "No one can stand in the way of the Rejuvenation of the Chinese people!"; //初始化jwt算法对象 IJwtAlgorithm algorithm = new HMACSHA256Algorithm(); //除了256 还有512 318 //初始化序列化对象 IJsonSerializer serializer = new JsonNetSerializer(); //初始化urlencode对象 IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder(); //初始化时间对象 IDateTimeProvider provider = new UtcDateTimeProvider(); //初始化验证对象 IJwtValidator validator = new JwtValidator(serializer, provider); //定义jwtDeEncode对象 IJwtDecoder deCoder = new JwtDecoder(serializer, validator, urlEncoder, algorithm); //解密并验证token值,如果错误json为null 否则放行 var json = deCoder.DecodeToObject <AuthInfo>(token, secret, verify: true); //获取extraHeaders IDictionary <string, string> dict = deCoder.DecodeHeaderToDictionary(token); if (json != null && dict != null) { //token发布的时间 string iat = dict["iat"].ToString(); //token失效的时间 string exp = dict["exp"].ToString(); //验证token是否在有效期内 if (CheckTokenTime(iat, exp)) { actionContext.RequestContext.RouteData.Values.Add("auth", json); return(true); } return(false); } return(false); } catch (Exception ex) { return(false); } } return(false); } return(false); }
public void DecodeHeaderToDictionary_Should_Return_Header() { const string token = TestData.TokenByAsymmetricAlgorithm; var serializer = new JsonNetSerializer(); var urlEncoder = new JwtBase64UrlEncoder(); var decoder = new JwtDecoder(serializer, urlEncoder); var header = decoder.DecodeHeaderToDictionary(token); header.Should() .NotBeNull("because decoding header should be possible without validator or algorithm"); header.Should() .Contain("typ", "JWT"); header.Should() .Contain("alg", "RS256"); header.Should() .Contain("kid", TestData.ServerRsaPublicThumbprint1); }