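/// <summary>
        /// Checks whether the given token is allowed to perform an action on a resource.
        /// </summary>
        /// <remarks>
        /// Fails closed: a missing token, an unknown token, an expired grant row, an
        /// unparsable descriptor or an expired descriptor all yield <c>false</c>.
        /// </remarks>
        /// <param name="token">Grant token presented by the caller; matched against the stored Token value.</param>
        /// <param name="resourceName">Name of the resource being accessed.</param>
        /// <param name="action">Operation requested on the resource.</param>
        /// <returns>
        /// <c>true</c> only when a non-expired grant exists for the token and its resource
        /// descriptor accepts <paramref name="resourceName"/> and <paramref name="action"/>.
        /// </returns>
        public async Task<bool> IsValidAsync(string token, string resourceName, string action)
        {
            // Reject a missing token before querying. Without this guard a null token is
            // compared against the Token column and, depending on how the provider
            // translates the comparison, could match a grant row whose Token is NULL.
            if (string.IsNullOrWhiteSpace(token))
            {
                return false;
            }

            // NOTE(review): the lookup compares the presented token with the stored value
            // directly, so the table appears to hold usable bearer tokens. Confirm whether
            // storing a hash of the token is feasible, and whether the column's collation
            // makes this comparison case-insensitive.
            var resourceGrantInfo = await _dbContext.Set<ResourceGrantInfo>().FirstOrDefaultAsync(t => t.Token == token);

            // NOTE(review): DateTime.Now is local time. Confirm ExpireDt is written with the
            // same clock and kind; a local/UTC mismatch shifts expiry by the zone offset.
            if (resourceGrantInfo == null || resourceGrantInfo.ExpireDt < DateTime.Now)
            {
                return false;
            }

            var resourceDescriptor = ResourceDescriptor.FromString(resourceGrantInfo.ResourceDescriptor);

            // The descriptor carries its own expiry, checked in addition to the grant row's.
            if (resourceDescriptor == null || resourceDescriptor.GetExpireDt() < DateTime.Now)
            {
                return false;
            }

            return resourceDescriptor.IsValid(resourceName, action);
        }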
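        /// <summary>
        /// Checks whether the given JWT is allowed to perform an action on a resource.
        /// </summary>
        /// <remarks>
        /// Fails closed: a missing token, any token validation failure, a missing
        /// "stm/auth/token" claim, an unparsable descriptor or an expired descriptor all
        /// yield <c>false</c>. The method contains no awaits and completes synchronously.
        /// </remarks>
        /// <param name="token">Compact JWT presented by the caller.</param>
        /// <param name="resourceName">Name of the resource being accessed.</param>
        /// <param name="action">Operation requested on the resource.</param>
        /// <returns>
        /// <c>true</c> only when the token validates and the resource descriptor in its
        /// "stm/auth/token" claim accepts <paramref name="resourceName"/> and
        /// <paramref name="action"/>.
        /// </returns>
        public async Task<bool> IsValidAsync(string token, string resourceName, string action)
        {
            // A missing token can never validate; reject it here instead of relying on
            // the handler throwing and the catch below.
            if (string.IsNullOrWhiteSpace(token))
            {
                return false;
            }

            TokenValidationParameters tokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuerSigningKey = true,
                // NOTE(review): the HMAC key is the UTF-8 bytes of _secretKey, so its strength
                // is that string's entropy. Confirm it is a long random secret loaded from
                // protected configuration. Accepted algorithms are not pinned here; consider
                // ValidAlgorithms if the library version in use provides it.
                IssuerSigningKey         = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_secretKey)),
                // Issuer and audience are not checked: any token signed with this key is
                // accepted no matter who issued it or which service it was meant for.
                // NOTE(review): confirm the key is not shared with other token types.
                ValidateIssuer           = false,
                ValidateAudience         = false,
                // Token expiry is enforced; ClockSkew is not set, so the library default applies.
                ValidateLifetime         = true,
            };

            ClaimsPrincipal claimsPrincipal;

            try
            {
                SecurityToken validatedToken;

                claimsPrincipal = new JwtSecurityTokenHandler().ValidateToken(token, tokenValidationParameters, out validatedToken);
            }
            catch (Exception)
            {
                // Deliberately broad so every validation failure (bad signature, expired,
                // malformed) denies access. NOTE(review): nothing is logged here; recording
                // the failure type, never the token itself, would help detect probing.
                return false;
            }

            // The permissions travel inside the signed token as a serialized resource descriptor.
            var resourceDescriptorStr = claimsPrincipal.Claims.FirstOrDefault(t => t.Type == "stm/auth/token")?.Value;

            if (string.IsNullOrWhiteSpace(resourceDescriptorStr))
            {
                return false;
            }

            var resourceDescriptor = ResourceDescriptor.FromString(resourceDescriptorStr);

            // The descriptor carries its own expiry, checked in addition to the JWT lifetime.
            // NOTE(review): DateTime.Now is local time; confirm GetExpireDt() returns a value
            // of the same kind, otherwise expiry shifts by the zone offset.
            if (resourceDescriptor == null || resourceDescriptor.GetExpireDt() < DateTime.Now)
            {
                return false;
            }

            return resourceDescriptor.IsValid(resourceName, action);
        }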