private IServiceCollection AddJwt(IServiceCollection services)
{
var jwtSetting = new JwtSetting();
Configuration.Bind("JwtSetting", jwtSetting);
services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(x =>
{
x.SaveToken = true;
x.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = jwtSetting.Issuer,
ValidateAudience = true,
ValidAudience = jwtSetting.Audience,
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSetting.SecurityKey)),
ValidateLifetime = true,
ClockSkew = TimeSpan.Zero
};
});
return(services);
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddHttpContextAccessor();
services.AddScoped <IIdentityService, IdentityService>();
var jwtSetting = new JwtSetting();
Configuration.Bind("JwtSetting", jwtSetting);
//services.AddCors(options =>
//{
// options.AddPolicy("any", builder =>
// {
// builder.AllowAnyOrigin() //允许任何来源的主机访问
// .AllowAnyMethod()
// .AllowAnyHeader();
// });
//});
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidIssuer = jwtSetting.Issuer,
ValidAudience = jwtSetting.Audience,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSetting.SecurityKey)),
// 默认 300s
ClockSkew = TimeSpan.Zero
};
});
services.AddControllers();
}
/// <summary>
/// 加入jwt授权
/// </summary>
/// <param name="services"></param>
/// <param name="Configuration"></param>
/// <returns></returns>
public static IServiceCollection AddAuthentication(this IServiceCollection services, IConfiguration Configuration)
{
var jwtSetting = new JwtSetting();
Configuration.Bind("JwtSetting", jwtSetting); //读取配置
services.Configure <JwtSetting>(Configuration.GetSection("JwtSetting")); //将读取到的配置注入
services.AddHttpContextAccessor();
services.AddAntiforgery(o => o.HeaderName = "XSRF-TOKEN");
services.AddScoped <IIdentityService, IdentityService>();
services.AddScoped <ITokenService, TokenService>();
services
.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.SaveToken = true;
options.RequireHttpsMetadata = false;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidIssuer = jwtSetting.Issuer,
ValidAudience = jwtSetting.Audience,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSetting.SecurityKey)),
// 默认 300s
ClockSkew = TimeSpan.Zero
};
});
return(services);
}
public JwtMiddleware(RequestDelegate next,
IOptions <JwtSetting> jwtSetting
)
{
_next = next;
_jwtSetting = jwtSetting?.Value;
}
public static IServiceCollection AddApskJwtBearer(this IServiceCollection services, IConfiguration configuration)
{
var jwtSetting = new JwtSetting();
configuration.GetSection(nameof(JwtSetting)).Bind(jwtSetting);
if (jwtSetting is null)
{
throw new System.ArgumentNullException(nameof(jwtSetting));
}
services.AddAuthentication(opt =>
{
opt.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
opt.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(opt =>
{
opt.ClaimsIssuer = jwtSetting.Issuer;
opt.Audience = jwtSetting.Audience;
opt.RequireHttpsMetadata = false;
opt.SaveToken = true;
opt.TokenValidationParameters = new TokenValidationParameters()
{
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSetting.Secret)),
ValidAudience = jwtSetting.Audience,
ValidIssuer = jwtSetting.Issuer
};
});
return(services);
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddHttpContextAccessor();
services.AddScoped <IIdentityService, IdentityService>();
var jwtSetting = new JwtSetting();
Configuration.Bind("JwtSetting", jwtSetting);
services
.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidIssuer = jwtSetting.Issuer,
ValidAudience = jwtSetting.Audience,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSetting.SecurityKey)),
// 默认 300s
ClockSkew = TimeSpan.Zero
};
});
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}
public static IServiceCollection AddJwtAuthentication(this IServiceCollection services, IConfiguration configuration)
{
var jwtConfig = new JwtSetting();
var jwtSection = configuration.GetSection("JwtSetting");
jwtSection.Bind(jwtConfig);
services.Configure <JwtSetting>(jwtSection);
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.RequireHttpsMetadata = false;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ValidIssuer = jwtConfig.ValidIssuer,
ValidAudience = jwtConfig.ValidAudience,
IssuerSigningKey = jwtConfig.SymmetricSecurityKey
};
});
services.AddAuthorization(options =>
{
options.DefaultPolicy = new AuthorizationPolicyBuilder(JwtBearerDefaults.AuthenticationScheme)
.RequireAuthenticatedUser()
.Build();
});
return(services);
}
public static string GetToken(JwtSetting jwtSetting, User user)
{
//创建用户身份标识,可按需要添加更多信息
var claims = new Claim[]
{
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim("user_id", user.user_id), // 用户id
new Claim("user_name", user.user_name), // 用户名
new Claim("is_admin", user.is_admin.ToString(), ClaimValueTypes.Boolean) // 是否是管理员
};
//创建令牌
var token = new JwtSecurityToken(
issuer: jwtSetting.Issuer,
audience: jwtSetting.Audience,
signingCredentials: jwtSetting.Credentials,
claims: claims,
notBefore: DateTime.Now,
expires: DateTime.Now.AddSeconds(jwtSetting.ExpireSeconds)
);
string jwtToken = new JwtSecurityTokenHandler().WriteToken(token);
return(jwtToken);
}
/// <summary>
///
/// </summary>
/// <param name="services"></param>
public void ConfigureServices(IServiceCollection services)
{
// 添加mvc
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
// ioc
services.AddScoped <IAuthAppService, AuthAppService>();
services.AddScoped <IUserAppService, UserAppService>();
// jwt校验
services.Configure <JwtSetting>(Configuration.GetSection("JwtSetting"));
var jwtSetting = new JwtSetting();
Configuration.Bind("JwtSetting", jwtSetting);
services
.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidIssuer = jwtSetting.Issuer,
ValidAudience = jwtSetting.Audience,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSetting.SecurityKey)),
// 默认允许 300s 的时间偏移量,设置为0
ClockSkew = TimeSpan.Zero
};
});
// 注册swagger生成器
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo
{
Title = "user api",
Version = "v1",
Description = "懒虫商城--user api",
TermsOfService = new Uri("http://www.baidu.com"),
Contact = new OpenApiContact
{
Name = "lazy",
Email = "邮箱",
Url = new Uri("http://www.baidu.com")
},
License = new OpenApiLicense
{
Name = "许可证名字",
Url = new Uri("http://www.baidu.com")
}
});
// 为 Swagger JSON and UI设置xml文档注释路径
var basePath = Path.GetDirectoryName(typeof(Program).Assembly.Location);
//获取应用程序所在目录(绝对,不受工作目录影响,建议采用此方法获取路径)
//添加接口XML的路径
var xmlPath = Path.Combine(basePath, "Interfaces.UserAPI.xml");
//如果需要显示控制器注释只需将第二个参数设置为true
c.IncludeXmlComments(xmlPath, true);
});
}
internal static (string tokenString, DateTime expireTo) GenToken(Users user, JwtSetting setting, int expire)
{
var tokenHandler = new JwtSecurityTokenHandler();
var keybyte = Encoding.ASCII.GetBytes(setting.Key);
var expireTo = DateTime.UtcNow.AddMinutes(expire);
var tokenDescriptor = new SecurityTokenDescriptor
{
Issuer = setting.Issuer,
Audience = setting.Audience,
Subject = new ClaimsIdentity(new Claim[]
{
//UserGuid
new Claim("ID", user.Id.ToString()),
//主體內容
new Claim(JwtRegisteredClaimNames.Sub, user.LoginName),
//唯一識別碼,是區分大小寫的字串
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
//頒發時間,是數字日期
new Claim(JwtRegisteredClaimNames.Iat, DateTime.UtcNow.ToString(CultureInfo.InvariantCulture)),
new Claim(JwtRegisteredClaimNames.GivenName, user.FirstName),
new Claim(JwtRegisteredClaimNames.FamilyName, user.LastName),
new Claim(JwtRegisteredClaimNames.Email, user.Email)
}),
Expires = expireTo,
SigningCredentials =
new SigningCredentials(new SymmetricSecurityKey(keybyte), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return(tokenHandler.WriteToken(token), expireTo);
}
public UserTokenVM BuildUserToken(UserVM userVM)
{
var jwtSetting = new JwtSetting();
_config.Bind("JwtSetting", jwtSetting);
//UserInfo
var claims = new Claim[]
{
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim("userId", userVM.UserId.ToString()),
new Claim("name", userVM.Name),
};
var expireIn = DateTime.UtcNow.AddMinutes(jwtSetting.ExpireMinutes);
var jwtToken = GenerateJwtToken(jwtSetting, claims, expireIn);
var tokenResponse = new UserTokenVM()
{
Token = jwtToken,
ExpireIn = new DateTimeOffset(expireIn).ToUnixTimeSeconds(),
UserName = userVM.Name
};
return(tokenResponse);
}
// This method gets called by the runtime. Use this method to add services to the container.
// For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(options =>
{
options.AddPolicy("any",
builder => builder.WithOrigins("http://localhost:44362",
"http://localhost:63342").AllowAnyHeader().
AllowAnyOrigin().AllowAnyMethod());
});
services.AddControllersWithViews().AddNewtonsoftJson();
services.AddDbContextPool <AppDbContext>(options =>
options.UseMySQL(_config.GetConnectionString("DBConnection"))
);
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new Microsoft.OpenApi.Models.OpenApiInfo
{
Version = "v0.1.0",
Title = "Api",
Description = "说明文档",
Contact = new Microsoft.OpenApi.Models.OpenApiContact {
Name = "AAAApi", Email = "892542", Url = new Uri("http://www.baidu.com")
}
});
var basePath = AppContext.BaseDirectory;
var xmlPath = Path.Combine(basePath, "PicCommunitity.xml");
c.IncludeXmlComments(xmlPath, true);
});
services.AddMvc(options =>
{
}).AddXmlSerializerFormatters();
//配置Jwt验证
services.Configure <JwtSetting>(_config.GetSection("JwtSetting"));
var jwtSetting = new JwtSetting();
_config.Bind("JwtSetting", jwtSetting);
services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(o => {
o.TokenValidationParameters = new TokenValidationParameters
{
//是否验证发行人
ValidateIssuer = true,
ValidIssuer = jwtSetting.Issuer, //发行人
//是否验证受众人
ValidateAudience = true,
ValidAudience = jwtSetting.Audience, //受众人
//是否验证密钥
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSetting.SecurityKey)),
ValidateLifetime = true, //验证生命周期
RequireExpirationTime = false //过期时间
};
});
}
public AuthController(IOptions <JwtSetting> options)
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
_jwtSetting = options.Value;
}
public RpcTokenService(IUserService userService,
ITokenService tokenService,
IOptions <JwtSetting> option)
{
_userService = userService;
_tokenService = tokenService;
_jwtSetting = option.Value;
}
/// <summary>
///
/// </summary>
/// <param name="configuration"></param>
/// <param name="jwtSetting">jwt认证配置</param>
/// <param name="userRepository"></param>
public AuthorizeController(IConfiguration configuration,
IOptions <JwtSetting> jwtSetting,
IQuickAdminRepository <User> userRepository)
{
_configuration = configuration;
_jwtSettings = jwtSetting.Value;
_userRepository = userRepository;
}
public AuthService(UserManager <AppUser> userManager,
RoleManager <IdentityRole> roleManager,
IOptions <JwtSetting> jwtSetting)
{
_userManager = userManager;
_roleManager = roleManager;
_jwtSetting = jwtSetting.Value;
}
protected BaseController(IDistributedCache distributedCache, ApplicationDbContext db, IMapper mapper, IOptions <JwtSetting> jwtsetting
, IHttpContextAccessor httpContextAccessor)
{
_httpContextAccessor = httpContextAccessor;
_distributedCache = distributedCache;
_db = db;
_jwtsetting = jwtsetting.Value;
_mapper = mapper;
}
public AuthService(
UserManager <ApplicationUser> userManager,
IEmailService emailService,
IOptions <JwtSetting> jwtSetting)
{
_userManager = userManager;
_emailService = emailService;
_jwtSetting = jwtSetting.Value;
}
public AuthController(
IAuthRepository authRepository,
IUserRepository userRepository,
IOptions <JwtSetting> options)
{
this.authRepository = authRepository;
this.userRepository = userRepository;
this.options = options.Value;
}
public static void AddOptionSetting(this IServiceCollection services, IConfiguration configuration)
{
services.AddSingleton <JwtSetting>((store) =>
{
JwtSetting jwtSetting = new JwtSetting();
configuration.Bind(nameof(JwtSetting), jwtSetting);
return(jwtSetting);
});
}
public void InstallServices(IServiceCollection services, IConfiguration configuration)
{
var jwtsetting = new JwtSetting();
configuration.Bind(nameof(jwtsetting), jwtsetting);
services.AddSingleton(jwtsetting);
services.AddScoped <IIdentityService, IdentityService>();
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(x => {
x.SaveToken = true;
x.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(jwtsetting.Secert)),
ValidateIssuer = false,
ValidateAudience = false,
ValidateLifetime = true,
};
});
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
services.AddSwaggerGen(x => {
x.SwaggerDoc("v1", new Microsoft.OpenApi.Models.OpenApiInfo()
{
Title = "TweetApi", Version = "v1 "
});
var ApiSecurityScheme = new OpenApiSecurityScheme
{
Description = "ddddd",
Name = "Authorizaton",
In = ParameterLocation.Header,
Type = SecuritySchemeType.ApiKey
};
x.AddSecurityDefinition("Bearer", ApiSecurityScheme);
x.AddSecurityRequirement(new OpenApiSecurityRequirement
{
{
ApiSecurityScheme
,
new[] { "readAccess", "writeAccess" }
}
});
});
// services.AddSingleton<IPostService, PostService>();
}
public LoginController(IOptions <JwtSetting> options)
{
_user = new User
{
Id = 1,
Name = "todd",
Password = "******"
};
_jwtSetting = options.Value;
}
public void ConfigureServices(IServiceCollection services)
{
services.AddApplication <blogWebModule>();
//services.AddIdentity<AppUser, IdentityRole>();
services.AddAuthentication()
.AddFacebook(facebook =>
{
facebook.AppId = Configuration["FacebookAuth:AppID"];
facebook.AppSecret = Configuration["FacebookAuth:AppSecret"];
})
.AddGoogle(ggOptions =>
{
ggOptions.ClientId = Configuration["GoogleAuth:ClientId"];
ggOptions.ClientSecret = Configuration["GoogleAuth:ClientSecret"];
});
services.AddScoped <ICateAppService, CategoryService>();
services.AddScoped <IPostAppService, PostService>();
services.AddScoped <IAccountAppService, AccountAppService>();
services.AddScoped <IPermissionAppService, PermissionAppService>();
services.AddScoped <IIdentityRoleAppService, IdentityRoleAppSerivce>();
services.AddScoped <IIdentityAppService, IdentityAppService>();
services.AddScoped <IDocumentAppService, DocumentAppService>();
var jwtSettings = new JwtSetting();
Configuration.Bind(nameof(jwtSettings), jwtSettings);
services.AddSingleton(jwtSettings);
//Facebook Auth
var facebookAuthSettings = new FacebookAuthSettings();
Configuration.Bind(nameof(FacebookAuthSettings), facebookAuthSettings);
services.AddSingleton(facebookAuthSettings);
services.AddHttpClient();
services.AddSingleton <IFacebookAuthService, FacebookAuthService>();
//Config uri service
services.AddScoped <IUriService, UriService>();
services.AddSingleton <IUriService>(provider =>
{
//add DI IUriService-UriService, lấy baseUri để đưa cho hàm tạo của UriService
//Khi ta gửi request đến server, request đó sẽ chứa các thuộc tính như: path/scheme/..
//Ví dụ gửi request xem tất cả các post
//scheme: https
//path: api/v1/posts
var accessor = provider.GetRequiredService <IHttpContextAccessor>();
var request = accessor.HttpContext.Request;
var absoluteUri = string.Concat(request.Scheme, "://", request.Host.ToUriComponent(), "/");
return(new UriService(absoluteUri));
});
}
public LoginService(ILogger <LoginService> logger,
IUserService userService,
IOptions <JwtSetting> jwtSetting,
ICacheProvider cacheProvider,
IJwtTokenService jwtTokenService
)
{
_logger = logger;
_userService = userService;
_jwtSetting = jwtSetting?.Value;
_cacheProvider = cacheProvider;
_jwtTokenService = jwtTokenService;
}
// This method gets called by the runtime. Use this method to add services to the container.
// Use Autofac.
/*public IServiceProvider ConfigureServices(IServiceCollection services)
* {
* services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
*
* var builder = new ContainerBuilder();
* builder.RegisterType<Message>().As<IMessage>();
* builder.Register(m => new Message("test")).As<IMessage>();
* builder.Populate(services);
* var applicationContainer = builder.Build();
*
* return new AutofacServiceProvider(applicationContainer);
* }*/
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
var jwtSetting = new JwtSetting();
Configuration.Bind("JwtSetting", jwtSetting);
services
.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.IncludeErrorDetails = true;
var keybytes = Encoding.UTF8.GetBytes(jwtSetting.SecurityKey);
var signKey = new SymmetricSecurityKey(keybytes);
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = jwtSetting.Issuer,
ValidAudience = jwtSetting.Audience,
IssuerSigningKey = signKey
};
});
services.Configure <JwtSetting>(Configuration.GetSection("JwtSetting"));
services.AddSingleton(factory => {
Func <string, IMessage> accessor = key =>
{
if (key.Equals("message"))
{
return(new Message());
}
else if (key.Equals("anotherMessage"))
{
return(new AnotherMessage());
}
else
{
throw new Exception("not support");
}
};
return(accessor);
});
//services.AddTransient<IMessage, Message>();
services.AddScoped <IMessage, Message>();
services.AddSingleton <IJWTUtility, JWTUtility>();
}
private string GenerateJwtToken(JwtSetting jwtSetting, Claim[] claims, DateTime expireIn)
{
var token = new JwtSecurityToken(
issuer: jwtSetting.Issuer,
audience: jwtSetting.Issuer,
signingCredentials: jwtSetting.Credentials,
claims: claims,
notBefore: DateTime.UtcNow,
expires: expireIn
);
string jwtToken = new JwtSecurityTokenHandler().WriteToken(token);
return(jwtToken);
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
//配置授权策略必须为Admin
services.AddAuthorization(Options =>
{
Options.AddPolicy("Admin", policy => policy.RequireClaim("Admin"));
});
services.Configure <JwtSetting>(Configuration.GetSection("JwtSetting"));
var jwtSetting = new JwtSetting();
Configuration.Bind("JwtSetting", jwtSetting);
//JWT相关参数的配置
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(o =>
{
o.TokenValidationParameters = new TokenValidationParameters
{
ValidIssuer = jwtSetting.Issuer,
ValidAudience = jwtSetting.Audience,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSetting.SecretKey))
};
//清除默认验证
o.SecurityTokenValidators.Clear();
//自定义ValidateToken
o.SecurityTokenValidators.Add(new GeekValidateToken());
//自定义Header参数
o.Events = new JwtBearerEvents
{
OnMessageReceived = context =>
{
var token = context.Request.Headers["token"];
Console.WriteLine("==================" + token + "======================");
context.Token = token.FirstOrDefault();
return(Task.CompletedTask);
}
};
});
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}
public static void ConfigureJwtAuthentication(IServiceCollection services, IConfigurationSection jwtAppSettings)
{
JwtSetting appSettings = jwtAppSettings.Get <JwtSetting>();
byte[] secretKey = Encoding.ASCII.GetBytes(appSettings.SecretKey);
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, jwtBearerOptions =>
{
jwtBearerOptions.TokenValidationParameters = new TokenValidationParameters
{
IssuerSigningKey = new SymmetricSecurityKey(secretKey),
ValidIssuer = appSettings.Issuer,
ValidAudience = appSettings.Issuer,
};
});
}
private string GetToken(string userName, JwtSetting setting)
{
string token = string.Empty;
var claims = new[]
{
new Claim(ClaimTypes.Name, userName)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(setting.SecurityKey));
var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var jwtToken = new JwtSecurityToken(setting.Issuer, setting.Audience, claims,
expires: DateTime.Now.AddSeconds(setting.ExpireSeconds),
signingCredentials: credentials);
token = new JwtSecurityTokenHandler().WriteToken(jwtToken);
return(token);
}
public static JwtSetting GetJwtSetting(IConfiguration configuration)
{
var jwtSetting = new JwtSetting();
jwtSetting.Audience = configuration["JwtSettings:Audience"];
jwtSetting.Issuer = configuration["JwtSettings:Issuer"];
jwtSetting.SecretKey = configuration["JwtSettings:SecretKey"];
string strSeconds = configuration["JwtSettings:ExpireSeconds"];
int expireSeconds = 0;
int.TryParse(strSeconds, out expireSeconds);
jwtSetting.ExpireSeconds = expireSeconds <= 0 ? 300 : expireSeconds;
strSeconds = configuration["JwtSettings:RefreshExpireSeconds"];
expireSeconds = 0;
int.TryParse(strSeconds, out expireSeconds);
jwtSetting.RefreshExpireSeconds = expireSeconds <= 0 ? 86400 : expireSeconds;
return(jwtSetting);
}
