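/// <summary>
/// Issues a communication (access) token to a registered third-party client.
/// </summary>
/// <remarks>
/// The checks run in this order: the client id must be registered, the request signature must
/// match the one recomputed from the client secret, the signed timestamp must lie within
/// <c>timspanExpiredMinutes</c> of the server clock, and the user name and password must match
/// the registered client. An unknown client and a bad signature return the same generic error,
/// which avoids revealing which client ids exist.
/// NOTE(review): the nonce is only fed into the signature here; nothing in this method records
/// it, so a captured request could be replayed inside the timestamp window unless nonces are
/// tracked elsewhere.
/// NOTE(review): the password is compared directly with the stored <c>passWord</c> value, which
/// looks like clear-text storage; confirm, and prefer a salted password hash.
/// </remarks>
/// <param name="Eitity">Identity-check request sent by the client; may be null.</param>
/// <returns>
/// A result whose <c>success</c> is true and whose <c>accesstoken</c>/<c>expiresin</c> are set only
/// when every check passes; otherwise <c>success</c> is false and <c>errmsg</c> names the failure.
/// </returns>
public TokenInfoEntity GetToken(IdentityCheckEntity Eitity)
{
    // Start from the generic failure; it is replaced only by a more specific error or by success.
    var Eitityinfo = new TokenInfoEntity
    {
        errmsg = "数据完整性检查不通过",
        success = false
    };

    if (Eitity == null)
    {
        return Eitityinfo;
    }

    // FirstOrDefault, not First: First throws InvalidOperationException for an unknown client id,
    // so the null check below was unreachable and an unregistered caller could raise an exception.
    var Thirdparty = this.thirdPartys.FirstOrDefault(o => o.clientId == Eitity.clienid);
    if (Thirdparty == null)
    {
        return Eitityinfo; // unknown third party
    }

    // Recompute the signature from the registered secret and compare it with the submitted one.
    // A missing signature is rejected instead of raising NullReferenceException; the lower-casing
    // is culture-invariant and the comparison does not stop at the first mismatching character.
    string expectedSignature = SignatureString(Thirdparty.clientSecret, Eitity.timestamp, Eitity.nonce);
    if (Eitity.signature == null
        || !ConstantTimeEquals(expectedSignature, Eitity.signature.ToLowerInvariant()))
    {
        return Eitityinfo; // signature verification failed
    }

    // The timestamp is Unix seconds supplied by the caller. Parse it defensively and compare in
    // UTC using doubles, so malformed or extreme values cannot throw or overflow.
    long requestSeconds;
    bool timestampParsed = long.TryParse(Eitity.timestamp, out requestSeconds);
    double ageMinutes = timestampParsed
        ? ((DateTime.UtcNow - _unixEpoch).TotalSeconds - requestSeconds) / 60.0
        : double.MaxValue;

    // Reject stale requests and also requests dated further in the future than the window allows;
    // without the second bound a far-future timestamp would never expire.
    if (!timestampParsed
        || ageMinutes > this.timspanExpiredMinutes
        || ageMinutes < -this.timspanExpiredMinutes)
    {
        Eitityinfo.errmsg = "签名时间戳失效";
        Eitityinfo.success = false;
        return Eitityinfo;
    }

    // User name is case-insensitive, password is exact. Null values are rejected explicitly.
    bool userMatches = Eitity.username != null
        && string.Equals(Eitity.username, Thirdparty.userName, StringComparison.OrdinalIgnoreCase);
    bool passwordMatches = Eitity.password != null
        && ConstantTimeEquals(Eitity.password, Thirdparty.passWord);
    if (!userMatches || !passwordMatches)
    {
        Eitityinfo.success = false;
        Eitityinfo.errmsg = "用户名或密码错误";
        return Eitityinfo;
    }

    // "iat" is stored in whole days since the Unix epoch, so token lifetime is day-granular.
    int timestamp = (int)(DateTime.UtcNow - _unixEpoch).TotalDays;
    var tokenload = new Dictionary<string, object>
    {
        { "iss", Eitity.clienid },           // issuer: the requesting client id
        { "iat", timestamp },                // issue time, in days since the epoch
        { "username", Thirdparty.userName }, // account name of the registered client
    };

    Eitityinfo.accesstoken = JsonWebToken.Encode(tokenload, this.sharedKey, JwtHashAlgorithm.HS256);
    Eitityinfo.expiresin = this.tokenExpiredDay * 24 * 3600; // lifetime in seconds
    Eitityinfo.errmsg = "";
    Eitityinfo.success = true;
    return Eitityinfo;
}

/// <summary>
/// Ordinal string equality that always scans the common length of both inputs, so the time
/// taken does not reveal the position of the first mismatch. A null on either side is unequal.
/// </summary>
private static bool ConstantTimeEquals(string left, string right)
{
    if (left == null || right == null)
    {
        return false;
    }

    int difference = left.Length ^ right.Length;
    for (int i = 0; i < left.Length && i < right.Length; i++)
    {
        difference |= left[i] ^ right[i];
    }

    return difference == 0;
}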
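/// <summary>
/// Validates a caller-supplied token and, on success, returns the client id and user name it carries.
/// </summary>
/// <remarks>
/// A token is accepted when it decodes with <c>sharedKey</c>, carries non-empty "iss" and
/// "username" claims, and its "iat" claim (days since the Unix epoch) is no more than
/// <c>tokenExpiredDay</c> days old. No per-interface permission check is performed in this method.
/// Any exception raised while decoding or parsing is logged and reported as a failed validation.
/// NOTE(review): confirm that <c>JsonWebToken.Decode</c> verifies the signature and does not let
/// the token's own "alg" header select a weaker or absent algorithm.
/// </remarks>
/// <param name="token">The encoded token presented by the caller; null or empty is rejected.</param>
/// <returns>
/// A result with <c>success</c> true and <c>clientid</c>/<c>username</c> populated when the token is
/// valid; otherwise <c>success</c> is false and <c>errmsg</c> describes the failure.
/// </returns>
public TokenInfoEntity ValidateToken(string token)
{
    // Default to failure; only a fully validated token flips this to success.
    var result = new TokenInfoEntity
    {
        errmsg = "令牌检查不通过",
        success = false
    };

    try
    {
        if (string.IsNullOrEmpty(token))
        {
            return result;
        }

        // Decode the token with the shared key to recover the claims payload.
        string decodedJwt = JsonWebToken.Decode(token, this.sharedKey);
        if (string.IsNullOrEmpty(decodedJwt))
        {
            return result;
        }

        #region Inspect the token claims
        JObject root = JObject.Parse(decodedJwt);
        string clientid = (string)root["iss"];
        string username = (string)root["username"];
        int jwtcreated = (int)root["iat"]; // throws when "iat" is absent; handled by the catch below

        // A token without identity claims must not validate, otherwise the caller would receive
        // success together with a null client id or user name.
        if (string.IsNullOrEmpty(clientid) || string.IsNullOrEmpty(username))
        {
            return result;
        }

        // Expiry check: both values are whole days since the epoch; the limit is tokenExpiredDay.
        int timestamp = (int)(DateTime.UtcNow - _unixEpoch).TotalDays;
        if (timestamp - jwtcreated > this.tokenExpiredDay)
        {
            result.errmsg = "用户令牌失效";
            result.success = false;
            return result;
        }

        // All checks passed.
        result.success = true;
        result.errmsg = "";
        result.clientid = clientid;
        result.username = username;
        #endregion
    }
    catch (Exception ex)
    {
        // The token is caller-controlled and a bearer credential, so it is neither written to the
        // log nor used as a composite format string: a token containing '{' or '}' made the old
        // Console.WriteLine(format, arg) call throw FormatException out of this handler, and the
        // exception itself was never printed.
        Console.WriteLine("令牌校验失败->{0}: {1}", ex.GetType().Name, ex.Message);
    }

    return result;
}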