Example #1
        /// <summary>
        /// Round-trip test: signs a token that declares HMAC-SHA256 and checks that
        /// verification with the same symmetric key succeeds and returns an
        /// equivalent token.
        /// </summary>
        public void TokenSignAndVerify()
        {
            var original = new TestToken
            {
                Header = new DefaultJwtHeader
                {
                    Algorithm = SecurityAlgorithms.HmacSha256
                },
                Payload = new CommonPayload
                {
                    Actor    = "TestUser",
                    Audience = "TestAudience",
                    Issuer   = "TestIssuer",
                    Subject  = "TestTokens",
                    // Both timestamps go through a Unix-timestamp round trip; presumably this
                    // drops sub-second precision so the comparison at the end matches what
                    // survives serialization (confirm against DateTimeUtility).
                    IssuedAt = DateTimeUtility.FromUnixTimestamp(DateTimeUtility.ToUnixTimestamp(DateTime.Now)),
                    Expires  = DateTimeUtility.FromUnixTimestamp(DateTimeUtility.ToUnixTimestamp(DateTime.Now.AddDays(1)))
                }
            };

            // Test fixture only: the key is derived from a literal string, and an MD5 digest
            // is 128 bits. RFC 7518 section 3.2 requires an HS256 key of at least 256 bits,
            // so this derivation should not be copied into production code.
            var signingKey = new SymmetricSecurityKey("TestKey".ToHash<MD5>());

            var serialized = original.Sign(signingKey);

            // This overload takes only the key; which claims it validates besides the
            // signature is not visible from this test.
            bool verified = JwtTokenConvert.Verify<CommonPayload>(
                serialized, signingKey, out var roundTripped);

            Assert.True(verified);

            // Compare the JSON projections of the signed and the verified token.
            var expectedJson = JObject.FromObject(original);
            var actualJson   = JObject.FromObject(roundTripped);
            Assert.Equal(expectedJson, actualJson);
        }
Example #2
 /// <summary>
 /// Gets the JWT carried in the request's Authorization header.
 /// </summary>
 /// <typeparam name="TToken">JWT type</typeparam>
 /// <typeparam name="TJwtHeader">JWT header type</typeparam>
 /// <typeparam name="TJwtPayload">JWT payload type</typeparam>
 /// <returns>
 /// The token when <c>JwtTokenConvert.Verify</c> reports success; otherwise
 /// <c>default(TToken)</c> (also when the header is absent).
 /// </returns>
 public TToken GetJwtToken<TToken, TJwtHeader, TJwtPayload>()
     where TToken : class, IJwtToken<TJwtHeader, TJwtPayload>
     where TJwtHeader : IJwtHeader
 {
     if (!Request.Headers.TryGetValue("Authorization", out StringValues authorization))
     {
         return default(TToken);
     }

     // NOTE(review): the header value is passed on exactly as received. A scheme prefix
     // such as "Bearer " is not stripped here, and a request with several Authorization
     // headers yields a multi-valued StringValues; confirm Verify copes with both.
     //
     // NOTE(review): default(TokenValidationParameters) is null if that type is a
     // reference type, so this method supplies no signing key, issuer, audience or
     // lifetime policy. Confirm that Verify falls back to a configured default instead
     // of skipping those checks; until then a non-null result should not be treated as
     // proof that the caller is authenticated.
     bool verified = JwtTokenConvert.Verify<TToken, TJwtHeader, TJwtPayload>(
         authorization, default(TokenValidationParameters), out var token);

     if (!verified)
     {
         return default(TToken);
     }

     return token;
 }
Example #3
        /// <summary>
        /// Negative test: a token whose expiry equals its issue time must be rejected
        /// when it is verified a few seconds later with lifetime validation enabled
        /// and no clock skew allowed.
        /// </summary>
        public void TokenSignAndVerify2()
        {
            var shortLived = new TestToken
            {
                Header = new DefaultJwtHeader
                {
                    Algorithm = SecurityAlgorithms.HmacSha256
                },
                Payload = new CommonPayload
                {
                    Actor    = "TestUser",
                    Audience = "TestAudience",
                    Issuer   = "TestIssuer",
                    Subject  = "TestTokens",
                    IssuedAt = DateTime.Now,
                    Expires  = DateTime.Now // expires as soon as it is issued
                }
            };

            // Test fixture only: a literal-derived, 128-bit (MD5-sized) key is below the
            // 256 bits RFC 7518 section 3.2 requires for HS256.
            var signingKey = new SymmetricSecurityKey("TestKey".ToHash<MD5>());

            var serialized = shortLived.Sign(signingKey);

            // Let the expiry instant pass before verifying.
            Thread.Sleep(5000);

            var validation = new TokenValidationParameters
            {
                IssuerSigningKey = signingKey,
                ValidIssuer      = "TestIssuer",   // issuer to accept
                ValidAudience    = "TestAudience", // audience to accept

                ValidateIssuerSigningKey = true,
                ValidateIssuer           = true, // check the token's issuer
                ValidateAudience         = true, // check the token was issued for this service
                ValidateLifetime         = true, // check the token is still within its lifetime

                // No tolerance on the expiry check. If this is Microsoft.IdentityModel's
                // TokenValidationParameters, leaving ClockSkew unset allows five minutes
                // of skew and the 5-second wait above would not be enough to fail.
                ClockSkew = TimeSpan.Zero
            };

            bool accepted = JwtTokenConvert.Verify<TestToken, DefaultJwtHeader, CommonPayload>(
                serialized,
                validation,
                out TestToken tokenOut,
                out Exception failure);

            // NOTE(review): only "rejected with some exception" is asserted here; the test
            // does not check that the rejection was caused by the expired lifetime.
            Assert.False(accepted);
            Assert.NotNull(failure);
        }
Example #4
        /// <summary>
        /// Verifies a serialized JWT against the issuer, audience and signing secret
        /// read from the "JWT" configuration section.
        /// </summary>
        /// <param name="token">The serialized token to verify.</param>
        /// <returns>
        /// The parsed <c>DriveToken</c> when verification succeeds; otherwise <c>null</c>.
        /// Callers must treat <c>null</c> as "not authenticated".
        /// </returns>
        private DriveToken VerifyToken(string token)
        {
            // NOTE(review): the configured secret is reduced to an MD5 digest, so the HMAC key
            // is 128 bits whatever the secret's length. If tokens are signed with HS256,
            // RFC 7518 section 3.2 requires a key of at least 256 bits; consider storing a
            // randomly generated key of that size in configuration and using it directly.
            // A missing "JWT:SecureKey" entry yields a null Value here.
            var secret = Startup.Configuration.GetSection("JWT:SecureKey").Value;
            var signingKey = new SymmetricSecurityKey(secret.ToHash<MD5>());

            var expectedIssuer = Startup.Configuration.GetSection("JWT:Issuer").Value;
            var expectedAudience = Startup.Configuration.GetSection("JWT:Audience").Value;

            var validation = new TokenValidationParameters
            {
                IssuerSigningKey = signingKey,
                ValidIssuer = expectedIssuer,     // issuer to accept
                ValidAudience = expectedAudience, // audience to accept

                ValidateIssuerSigningKey = true,
                ValidateIssuer = true,   // check the token's issuer
                ValidateAudience = true, // check the token was issued for this service

                // Check the token is still within its lifetime. ClockSkew is left unset; if
                // this is Microsoft.IdentityModel's type, expired tokens are still accepted
                // for the default five-minute skew window.
                ValidateLifetime = true
            };

            bool verified = JwtTokenConvert.Verify<DriveToken, DefaultJwtHeader, MvcIdentityPayload>(
                token, validation, out DriveToken claims);

            return verified ? claims : null;
        }