public bool Check(string tokenStr, string salt)
{
// 1、格式是否合法
string[] parts = tokenStr.Split(".");
if (parts.Length != 3)
{
return(false);
}
// 2、签名是否对应
string signature = EncodingExt.FromBase64Url(parts[2], null);
if (!ComputeHash(parts[0], parts[1], salt).EqualsNoCase(signature))
{
return(false);
}
// 3、头部是否合法
var header = Decode(tokenStr).Header;
if (!header.Alg.EqualsNoCase(TokenConfig.Alg) || !header.Type.EqualsNoCase(TokenConfig.Type))
{
return(false);
}
return(true);
}
public void FromBase64Url()
{
string str = "ZFpXRnlUQTVZVGcwZERNME5_Ris-PT0";
string actual = EncodingExt.FromBase64Url(str, null);
string expect = "dZWFyTA5YTg0dDM0NF+>==";
Assert.AreEqual(expect, actual);
}
public void GetHmacHash()
{
string actual = EncodingExt.ToBase64Url(CryptoExt.GetHmacHash("HMACSHA256", "lys", "salt"));
string actual2 = EncodingExt.ToBase64Url(CryptoExt.GetHmacHash <HMACSHA256>("lys", "salt"));
string expect = "Liof_mjT4Kd1V7I7ItvcTGO3yBezkbN0UVDHXm7m1Vg";
Assert.AreEqual(expect, actual);
Assert.AreEqual(expect, actual2);
}
public string Encode(JwtToken token)
{
// 基于(提供给客户端的)基础信息编码
string header = EncodingExt.ToBase64Url(SerializeExt.ToJson(token.Header));
string payload = EncodingExt.ToBase64Url(SerializeExt.ToJson(token.Payload));
// 生成签名
string signature = EncodingExt.ToBase64Url(ComputeHash(header, payload, token.Salt));
return($"{header}.{payload}.{signature}");
}
public JwtToken Decode(string tokenStr)
{
string[] parts = tokenStr.Split(".");
var header = SerializeExt.JsonTo <JwtHeader>(EncodingExt.FromBase64Url(parts[0], null));
var payload = SerializeExt.JsonTo <JwtPayload>(EncodingExt.FromBase64Url(parts[1], null));
return(new JwtToken
{
Header = header,
Payload = payload
});
}
/// <summary>
/// 创建随机字符串,用于前端密码加密
/// </summary>
public string GetSecret(UserDto dto)
{
if (dicSecret == null)
{
dicSecret = new Dictionary <string, string>();
}
string ctx = DateTime.Now.ToString();
string result = EncodingExt.ToBase64Url(ctx);
dicSecret.SafeAdd(dto.UserName, result);
return(result);
}
