public Task Invoke(HttpContext httpContext)
{
var headers = httpContext.Request.Headers;
if (!headers.ContainsKey("Authorization"))
{
return(_next(httpContext));
}
var tokenStr = headers["Authorization"];
try
{
string JwtStr = tokenStr.ToString().Substring("Bearer ".Length).Trim();
if (!MyMemoryCache.Exists(JwtStr))
{
return(httpContext.Response.WriteAsync("非法请求"));
}
TokenModel model = (TokenModel)MyMemoryCache.Get(JwtStr);
List <Claim> lc = new List <Claim>();
Claim c = new Claim(model.Sub + "Type", model.Sub);
lc.Add(c);
ClaimsIdentity identity = new ClaimsIdentity(lc);
ClaimsPrincipal principal = new ClaimsPrincipal(identity);
httpContext.User = principal;
return(_next(httpContext));
}
catch (Exception)
{
return(httpContext.Response.WriteAsync("token验证异常"));
//throw;
}
}
/// <summary>
/// 获取JWT字符串并存入缓存
/// </summary>
/// <param name="tm"></param>
/// <param name="expireSliding"></param>
/// <param name="expireAbsoulte"></param>
/// <returns></returns>
public static string IssueJWT(TokenModel tokenModel, TimeSpan expiresSliding, TimeSpan expiresAbsoulte)
{
DateTime UTC = DateTime.UtcNow;
Claim[] claims = new Claim[]
{
new Claim(JwtRegisteredClaimNames.Sub, tokenModel.Sub), //Subject,
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), //JWT ID,JWT的唯一标识
new Claim(JwtRegisteredClaimNames.Iat, UTC.ToString(), ClaimValueTypes.Integer64), //Issued At,JWT颁发的时间,采用标准unix时间,用于验证过期
};
JwtSecurityToken jwt = new JwtSecurityToken(
issuer: "Frozen", //jwt签发者,非必须
audience: tokenModel.Uname, //jwt的接收该方,非必须
claims: claims, //声明集合
expires: UTC.AddHours(12), //指定token的生命周期,unix时间戳格式,非必须
signingCredentials: new Microsoft.IdentityModel.Tokens
.SigningCredentials(new SymmetricSecurityKey(Encoding.ASCII.GetBytes("Frozen's Secret Key")), SecurityAlgorithms.HmacSha256)); //使用私钥进行签名加密
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); //生成最后的JWT字符串
MyMemoryCache.AddMemoryCache(encodedJwt, tokenModel, expiresSliding, expiresAbsoulte); //将JWT字符串和tokenModel作为key和value存入缓存
return(encodedJwt);
}
