public async Task <ClaimsPrincipal> ValidateJwt(JwtEnpoint endpoint, string token, IList <JwtValidateParameter> validateParameters)
{
//生成验证时使用的签名密钥
var keys = await _jwtGenerateValidateSignKeyService.Generate(endpoint, endpoint.ValidateSignKeyType, endpoint.ValidateSignKeyConfiguration);
//为验证参数列表组装令牌验证参数
TokenValidationParameters tokenParameter = new TokenValidationParameters();
//初始化令牌验证参数
tokenParameter.ValidateActor = false;
tokenParameter.ValidateAudience = false;
tokenParameter.ValidateIssuer = false;
tokenParameter.ValidateLifetime = false;
tokenParameter.ValidateTokenReplay = false;
//为签名密钥属性赋值并启用
tokenParameter.IssuerSigningKeys = keys;
if (validateParameters != null)
{
foreach (var parameterItem in validateParameters)
{
await _jwtValidateParameterBuildService.Build(tokenParameter, parameterItem);
}
}
//执行验证
JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
var claims = handler.ValidateToken(token, tokenParameter, out SecurityToken validatedToken);
return(claims);
}
public async Task <string> CreateJwt(JwtEnpoint endpoint, string issuer, string audience, ClaimsIdentity subject, DateTime?notBefore, DateTime?expires, DateTime?issuedAt)
{
//生成生成时用到的签名密钥
var signingCredentials = await _jwtGenerateCreateSignKeyService.Generate(endpoint, endpoint.CreateSignKeyType, endpoint.CreateSignKeyConfiguration);
//生成Jwt字符串
JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
return(handler.CreateEncodedJwt(issuer, audience, subject, notBefore, expires, issuedAt, signingCredentials));
}
public async Task Update(JwtEnpoint endpoint)
{
await _jwtEnpointStore.Updtae(endpoint);
}
public async Task Delete(JwtEnpoint endpoint)
{
await _jwtEnpointStore.Delete(endpoint.ID);
}
public async Task Add(JwtEnpoint endpoint)
{
await _jwtEnpointStore.Add(endpoint);
}
