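/// <summary>
/// Validates the bearer JWT and, on success, stores the matching account under
/// <c>context.Items["User"]</c>. Any failure leaves the item unset, so the request
/// proceeds without an attached user.
/// </summary>
/// <param name="context">The current request; receives the account under the "User" item key.</param>
/// <param name="userTokenAppService">Service used to resolve the account for the token's "Id" claim.</param>
/// <param name="token">The raw JWT taken from the Authorization header; blank values are ignored.</param>
private async Task attachUserToContext(HttpContext context, IUserTokenAppService userTokenAppService, string token)
{
    if (string.IsNullOrWhiteSpace(token))
    {
        return;
    }

    try
    {
        var tokenHandler = new JwtSecurityTokenHandler();
        var key = Encoding.ASCII.GetBytes(_jwtettings.Secret);
        var parameters = new TokenValidationParameters
        {
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = new SymmetricSecurityKey(key),
            // Lifetime checking is the default; stated explicitly so the intent survives future edits.
            ValidateLifetime = true,
            // NOTE(review): issuer and audience are not validated, so the signing key is the only
            // binding between this service and the token — confirm that is intended.
            ValidateIssuer = false,
            ValidateAudience = false,
            // Zero clock skew: the token expires exactly at its exp claim instead of five minutes later.
            ClockSkew = TimeSpan.Zero,
        };
        tokenHandler.ValidateToken(token, parameters, out SecurityToken validatedToken);

        var jwtToken = (JwtSecurityToken)validatedToken;
        // A missing or malformed "Id" claim is treated like a failed validation instead of
        // relying on the catch below to swallow the resulting exception.
        var idClaim = jwtToken.Claims.FirstOrDefault(x => x.Type == "Id")?.Value;
        if (!Guid.TryParse(idClaim, out Guid userId))
        {
            return;
        }

        // Attach the account only after signature and lifetime checks have passed.
        context.Items["User"] = await userTokenAppService.GetAccountById(userId);
    }
    catch (Exception)
    {
        // Deliberately swallowed: a token that fails validation simply leaves the user
        // unattached. Nothing is logged here, so repeated failures are invisible to
        // operators — a logger would help detection.
    }
}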
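/// <summary>
/// Validates a JWT against its nbf/exp window and the server-side token store, and builds a
/// <see cref="ClaimsPrincipal"/> from it. A token that fails any check yields an identity with
/// an empty authentication type (unauthenticated) rather than an exception.
/// </summary>
/// <param name="securityToken">The raw JWT string as received from the client.</param>
/// <param name="validationParameters">Not used by this validator; the store lookup replaces parameter-driven validation.</param>
/// <param name="validatedToken">The parsed token when validation succeeds, otherwise null.</param>
/// <returns>A principal carrying the token's claims when valid; otherwise an unauthenticated principal.</returns>
public ClaimsPrincipal ValidateToken(string securityToken, TokenValidationParameters validationParameters, out SecurityToken validatedToken)
{
    validatedToken = null;
    ClaimsIdentity identity = null;

    JwtSecurityToken token = parse2Token(securityToken);
    if (token != null)
    {
        long nowValue = new DateTimeOffset(TimeHelper.Now).ToUnixTimeSeconds();

        // A missing or non-numeric nbf/exp claim parses as 0, which fails the window check
        // below (exp of 0 is always in the past); the null-conditional avoids dereferencing
        // a missing claim.
        long.TryParse(token.Claims.FirstOrDefault(c => c.Type == JwtRegisteredClaimNames.Nbf)?.Value, out long nbf);
        long.TryParse(token.Claims.FirstOrDefault(c => c.Type == JwtRegisteredClaimNames.Exp)?.Value, out long exp);

        bool withinWindow = nbf <= nowValue && nowValue <= exp;
        if (withinWindow)
        {
            // The token must also match the copy stored server-side under its MD5 id
            // (presumably so issued tokens can be invalidated). MD5 is only a lookup key here.
            string md5Id = Encrypion.GenerateMD5(securityToken);
            IUserTokenAppService userService = EngineerContext.Current.Resolve<IUserTokenAppService>();
            var userTokenInfo = userService.GetTokenById(md5Id);

            // JWT segments are base64url and therefore case-sensitive; compare ordinally so a
            // token differing only in case from the stored one is not accepted.
            if (userTokenInfo != null && string.Equals(userTokenInfo.Token, securityToken, StringComparison.Ordinal))
            {
                identity = new ClaimsIdentity(JwtBearerDefaults.AuthenticationScheme);
                identity.AddClaims(token.Claims);
                validatedToken = token;
            }
        }
    }

    if (identity == null)
    {
        // An empty authentication type makes IsAuthenticated false without throwing.
        identity = new ClaimsIdentity("");
    }

    return new ClaimsPrincipal(identity);
}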
/// <summary>
/// Creates the controller; every collaborator is injected by the DI container and kept in a
/// field for the lifetime of the controller instance.
/// </summary>
public ApiUserController(IUserAppService userAppService, IUserTokenAppService userTokenAppService, IServiceAppService serviceAppService, IOrderedAppService orderedAppService, IEvaluationAppService evaluationAppService)
{
    _evaluationAppService = evaluationAppService;
    _orderedAppService = orderedAppService;
    _serviceAppService = serviceAppService;
    _userTokenAppService = userTokenAppService;
    _userAppService = userAppService;
}
/// <summary>
/// Creates the controller with its DI-supplied dependencies.
/// </summary>
/// <param name="jwtSettings">Bound JWT settings; only the unwrapped <c>Value</c> is kept.</param>
/// <param name="personAppService">Person service stored for later use by the actions.</param>
/// <param name="userTokenAppService">Token service stored for later use by the actions.</param>
public UserController(IOptions<JwtSettings> jwtSettings, IPersonAppService personAppService, IUserTokenAppService userTokenAppService)
{
    _userTokenAppService = userTokenAppService;
    _personAppService = personAppService;
    _jwtSettings = jwtSettings.Value;
}
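/// <summary>
/// Middleware entry point: extracts the token from the Authorization header, tries to attach
/// the matching user to the request, and always continues the pipeline.
/// </summary>
/// <param name="context">The current request.</param>
/// <param name="userTokenAppService">Service handed to the token validation step.</param>
public async Task Invoke(HttpContext context, IUserTokenAppService userTokenAppService)
{
    var authorization = context.Request.Headers["Authorization"].FirstOrDefault();
    if (!string.IsNullOrWhiteSpace(authorization))
    {
        // The token is the last space-separated part of the header ("Bearer <token>").
        // Empty entries are dropped so a trailing space no longer yields an empty token.
        // NOTE(review): the scheme prefix is not checked, so any header value is attempted as a JWT.
        var parts = authorization.Split(new[] { ' ' }, StringSplitOptions.RemoveEmptyEntries);
        await attachUserToContext(context, userTokenAppService, parts[parts.Length - 1]);
    }

    // The pipeline continues whether or not a user was attached.
    await _next(context);
}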
/// <summary>
/// Creates the controller with its account and token services.
/// </summary>
/// <param name="accountAppService">Account service kept for the actions.</param>
/// <param name="userTokenService">Token service kept for the actions.</param>
public AccountController(IAccountAppService accountAppService, IUserTokenAppService userTokenService)
{
    this._userTokenService = userTokenService;
    this._accountAppService = accountAppService;
}