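/// <summary>
/// Validates a token string in three steps: structure, signature, then header values.
/// </summary>
/// <param name="tokenStr">Token text, expected as three dot-separated segments (header.payload.signature).</param>
/// <param name="salt">Value passed to ComputeHash with the first two segments to recompute the signature.</param>
/// <returns>true when all three checks pass; false otherwise, including for a null token.</returns>
/// <remarks>
/// Only the structure, the signature and the header (Alg/Type) are checked here. Payload claims
/// such as expiry are not inspected by this method; whether they are validated elsewhere is not
/// visible from this code.
/// </remarks>
public bool Check(string tokenStr, string salt)
{
    // A missing token is simply invalid: reject it instead of failing on Split with a NullReferenceException.
    if (tokenStr == null)
    {
        return false;
    }

    // 1. Is the format valid? Exactly three dot-separated segments are required.
    string[] parts = tokenStr.Split(".");
    if (parts.Length != 3)
    {
        return false;
    }

    // 2. Does the signature match? The expected value is recomputed from the received
    //    header and payload segments and compared with the decoded third segment.
    string signature = EncodingExt.FromBase64Url(parts[2], null);

    // NOTE(review): EqualsNoCase is, by its name, a case-insensitive comparison and is presumably
    // not constant-time. If ComputeHash returns a case-sensitive encoding, ignoring case accepts
    // more than one signature text per token. Confirm the encoding and consider an exact,
    // fixed-time comparison of the bytes (e.g. CryptographicOperations.FixedTimeEquals).
    if (!ComputeHash(parts[0], parts[1], salt).EqualsNoCase(signature))
    {
        return false;
    }

    // 3. Is the header valid? The token is parsed only after the signature matched, and the
    //    algorithm and type it declares must equal the configured TokenConfig values.
    var header = Decode(tokenStr).Header;
    if (!header.Alg.EqualsNoCase(TokenConfig.Alg) || !header.Type.EqualsNoCase(TokenConfig.Type))
    {
        return false;
    }

    return true;
}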
/// <summary>
/// Checks that EncodingExt.FromBase64Url turns a fixed Base64Url sample into the expected text.
/// </summary>
public void FromBase64Url()
{
    const string encoded = "ZFpXRnlUQTVZVGcwZERNME5_Ris-PT0";
    const string expected = "dZWFyTA5YTg0dDM0NF+>==";

    // The second argument is passed as null, as in the other call sites of this helper;
    // presumably it selects a default (such as the text encoding) - confirm against EncodingExt.
    string decoded = EncodingExt.FromBase64Url(encoded, null);

    Assert.AreEqual(expected, decoded);
}
/// <summary>
/// Checks that both CryptoExt.GetHmacHash overloads (algorithm given by name and by type argument)
/// produce the same known HMAC-SHA256 value for the inputs "lys" and "salt".
/// </summary>
public void GetHmacHash()
{
    const string expected = "Liof_mjT4Kd1V7I7ItvcTGO3yBezkbN0UVDHXm7m1Vg";

    // Overload that takes the algorithm name as a string.
    var hashByName = CryptoExt.GetHmacHash("HMACSHA256", "lys", "salt");
    string encodedByName = EncodingExt.ToBase64Url(hashByName);

    // Overload that takes the algorithm as a generic type argument.
    var hashByType = CryptoExt.GetHmacHash<HMACSHA256>("lys", "salt");
    string encodedByType = EncodingExt.ToBase64Url(hashByType);

    Assert.AreEqual(expected, encodedByName);
    Assert.AreEqual(expected, encodedByType);
}
/// <summary>
/// Serializes a token into its "header.payload.signature" text form.
/// </summary>
/// <param name="token">Token whose Header and Payload are serialized and whose Salt is passed to ComputeHash.</param>
/// <returns>The three Base64Url segments joined by dots.</returns>
/// <remarks>
/// Header and payload only go through JSON serialization and Base64Url encoding here, so whatever
/// is placed in the payload is readable by anyone holding the token. The signature segment is what
/// binds the two together.
/// </remarks>
public string Encode(JwtToken token)
{
    // Encode the basic information (the part that is handed to the client).
    var headerJson = SerializeExt.ToJson(token.Header);
    string encodedHeader = EncodingExt.ToBase64Url(headerJson);

    var payloadJson = SerializeExt.ToJson(token.Payload);
    string encodedPayload = EncodingExt.ToBase64Url(payloadJson);

    // Generate the signature over the two encoded segments, using the token's Salt.
    var hash = ComputeHash(encodedHeader, encodedPayload, token.Salt);
    string encodedSignature = EncodingExt.ToBase64Url(hash);

    return string.Concat(encodedHeader, ".", encodedPayload, ".", encodedSignature);
}
/// <summary>
/// Parses the header and payload segments of a token string into a JwtToken.
/// </summary>
/// <param name="tokenStr">Token text whose first two dot-separated segments are Base64Url-encoded JSON.</param>
/// <returns>A JwtToken carrying the deserialized Header and Payload.</returns>
/// <remarks>
/// This method does not verify anything: the signature segment is never read, so the result must
/// not be trusted unless the same token string has passed Check. Segments 0 and 1 are indexed
/// without a length check, so input without a dot fails on indexing.
/// </remarks>
public JwtToken Decode(string tokenStr)
{
    string[] segments = tokenStr.Split(".");

    // First segment: the header.
    string headerJson = EncodingExt.FromBase64Url(segments[0], null);
    var decodedHeader = SerializeExt.JsonTo<JwtHeader>(headerJson);

    // Second segment: the payload.
    string payloadJson = EncodingExt.FromBase64Url(segments[1], null);
    var decodedPayload = SerializeExt.JsonTo<JwtPayload>(payloadJson);

    var token = new JwtToken
    {
        Header = decodedHeader,
        Payload = decodedPayload
    };
    return token;
}
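/// <summary>
/// Creates a random string used by the front end for password encryption and records it
/// in dicSecret under the user's name.
/// </summary>
/// <param name="dto">User whose UserName is the key under which the secret is stored.</param>
/// <returns>The Base64Url-encoded secret that was stored.</returns>
public string GetSecret(UserDto dto)
{
    if (dicSecret == null)
    {
        // NOTE(review): this lazy creation is not synchronized; confirm the instance is not
        // shared between concurrent requests.
        dicSecret = new Dictionary<string, string>();
    }

    // The value protects a password exchange, so it has to be unpredictable. The previous source,
    // DateTime.Now.ToString(), was guessable, culture-dependent and identical for every call
    // within the same second; 32 bytes from the system CSPRNG are used instead.
    // NOTE(review): if any consumer parsed the old timestamp text back out of the secret,
    // that consumer needs to be reviewed together with this change.
    byte[] randomBytes = new byte[32];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(randomBytes);
    }

    // Still "text -> ToBase64Url", as before, so the returned value keeps the same outer encoding.
    string ctx = Convert.ToBase64String(randomBytes);
    string result = EncodingExt.ToBase64Url(ctx);

    // NOTE(review): whether SafeAdd replaces an existing entry for the same user, and whether
    // stored secrets ever expire, is not visible here - confirm both.
    dicSecret.SafeAdd(dto.UserName, result);
    return result;
}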