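/// <summary>
/// Creates the provider: stores the configured HMAC secret and logger, then builds the
/// JWT encoder and decoder that share one HS256 algorithm instance.
/// </summary>
/// <param name="config">Options wrapper; its <c>Secret</c> value becomes the signing key.</param>
/// <param name="logger">Logger kept in <c>_logger</c>.</param>
/// <exception cref="ArgumentException">The configured secret is null, empty or whitespace.</exception>
public JwtTokenProvider(IOptions<JwtTokenProviderOptions> config, ILogger<JwtTokenProvider> logger)
{
    // A null secret was already rejected; an empty or blank one must be rejected too,
    // because an HMAC computed with a known-empty key can be reproduced by anyone.
    var secret = config.Value.Secret;
    if (string.IsNullOrWhiteSpace(secret))
    {
        throw new ArgumentException("secret not defined");
    }

    // NOTE(review): only presence is checked here. RFC 7518 section 3.2 requires an HS256 key
    // of at least 256 bits; confirm the deployed secret meets that and is randomly generated.
    _secret = secret;
    _logger = logger;

    IJwtAlgorithm algorithm = new HMACSHA256Algorithm();
    IJsonSerializer serializer = new JsonNetSerializer();
    IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
    IJwtValidator validator = new JwtValidator(serializer, new UtcDateTimeProvider());

    _encoder = new JwtEncoder(algorithm, serializer, urlEncoder);

    // The decoder receives the same algorithm instance as the encoder rather than
    // being constructed without one.
    _decoder = new JwtDecoder(serializer, validator, urlEncoder, algorithm);
}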
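/// <summary>
/// Verifies a JWT and returns a JSON envelope describing the user it names.
/// </summary>
/// <param name="token">Compact JWT string to decode and verify.</param>
/// <returns>
/// A response whose JSON body is produced by <c>RuleCommon.JsonStr</c>: status "ok" with a
/// <c>LoginInfo</c> on success, or status "error" with a message when decoding or
/// verification fails or the token carries no <c>name</c> claim.
/// </returns>
public HttpResponseMessage UserInfo(string token)
{
    RuleCommon rule = new RuleCommon();
    string result;

    try
    {
        IJsonSerializer serializer = new JsonNetSerializer();
        IDateTimeProvider provider = new UtcDateTimeProvider();
        IJwtValidator validator = new JwtValidator(serializer, provider);
        IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();

        // NOTE(review): no algorithm is passed to this decoder. Confirm which signature
        // algorithms the installed JWT library version accepts for this constructor, and
        // prefer pinning the expected algorithm explicitly.
        IJwtDecoder decoder = new JwtDecoder(serializer, validator, urlEncoder);

        // SECURITY: the verification key is a literal in source. Anyone who can read this file
        // or the compiled assembly can sign tokens this method accepts. Load the key from
        // protected configuration and rotate the value shown here.
        // The token argument is the string issued earlier at login.
        string json = "[" + decoder.Decode(token, "YYplayMerchant", verify: true).ToString() + "]";
        JArray jsonObj = JArray.Parse(json);

        // The payload was wrapped in "[...]" above, so the array holds exactly one claims object.
        string userName = "";
        bool nameMissing = false;
        for (int i = 0; i < jsonObj.Count; i++)
        {
            var nameClaim = jsonObj[i]["name"];
            if (nameClaim == null)
            {
                // Previously this surfaced as a NullReferenceException message to the client.
                nameMissing = true;
                break;
            }

            userName = nameClaim.ToString();
        }

        if (nameMissing)
        {
            result = rule.JsonStr("error", "token has no name claim", "");
        }
        else
        {
            // NOTE(review): every token that verifies receives the same fixed ids and the
            // super_admin role; only the user name is taken from the token. Authorisation
            // data should come from the verified claims or a user store.
            LoginInfo lginfo = new LoginInfo();
            lginfo.userid = "1";
            lginfo.roleid = "1";
            lginfo.token = "";
            lginfo.cityid = "1";
            lginfo.username = userName;
            lginfo.roles = "super_admin";
            lginfo.introduction = "super_admin";
            lginfo.avatar = "super_admin";

            result = rule.JsonStr("ok", "", lginfo);
        }
    }
    catch (Exception e)
    {
        // NOTE(review): the raw exception message is returned to the caller. Consider logging
        // it server-side and returning a generic failure text instead.
        result = rule.JsonStr("error", e.Message, "");
    }

    return new HttpResponseMessage
    {
        Content = new StringContent(result, System.Text.Encoding.UTF8, "application/json")
    };
}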
/// <summary>
/// Console demo: verifies a sample HS256 token against a sample key and prints the payload
/// JSON, or a short message when the token is malformed, expired or has a bad signature.
/// </summary>
/// <param name="args">Command-line arguments (unused).</param>
private static void Main(string[] args)
{
    #region Encode
    //// Add a value named exp to the payload; its value is the number of seconds between
    //// the expiry time and 1970/1/1 00:00:00.
    //var payload = new Dictionary<string, object>
    //{
    //    { "UserId", 123 },
    //    { "UserName", "admin" }
    //};
    //var secret = "GQDstcKsx0NHjPOuXOYg5MbeJ1XT0uFiwDVvVBrk"; // must not be disclosed
    //IJwtAlgorithm algorithm = new HMACSHA256Algorithm();
    //IJsonSerializer serializer = new JsonNetSerializer();
    //IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
    //IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder);
    //var token = encoder.Encode(payload, secret);
    //Console.WriteLine(token);
    #endregion Encode

    #region Decode
    // Sample key and token embedded for the demonstration. The token is signed, not
    // encrypted: its payload is readable by anyone holding it; the key only protects
    // integrity. A key published in source must never be reused for real tokens.
    string signingKey = "GQDstcKsx0NHjPOuXOYg5MbeJ1XT0uFiwDVvVBrk";
    string sampleToken = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJVc2VySWQiOjEyMywiVXNlck5hbWUiOiJhZG1pbiJ9.Qjw1epD5P6p4Yy2yju3-fkq28PddznqRj3ESfALQy_U";

    try
    {
        IBase64UrlEncoder base64Url = new JwtBase64UrlEncoder();
        IJsonSerializer jsonSerializer = new JsonNetSerializer();
        IDateTimeProvider clock = new UtcDateTimeProvider();
        IJwtValidator claimValidator = new JwtValidator(jsonSerializer, clock);
        IJwtDecoder jwtDecoder = new JwtDecoder(jsonSerializer, claimValidator, base64Url);

        // verify: true makes Decode check the signature (and the validator's claims)
        // before returning the payload.
        var payloadJson = jwtDecoder.Decode(sampleToken, signingKey, verify: true);
        Console.WriteLine(payloadJson);
    }
    catch (FormatException)
    {
        Console.WriteLine("Token format invalid");
    }
    catch (TokenExpiredException)
    {
        Console.WriteLine("Token has expired");
    }
    catch (SignatureVerificationException)
    {
        Console.WriteLine("Token has invalid signature");
    }
    #endregion Decode
}
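/// <summary>
/// Demo login: checks the supplied credentials and, on success, issues an HS256-signed
/// JWT that expires 30 seconds after issue.
/// </summary>
/// <param name="request">Login request carrying <c>UserName</c> and <c>Password</c>.</param>
/// <returns>
/// A <c>LoginResult</c> with <c>Success</c> and <c>Token</c> set on success, or
/// <c>Success = false</c> and a <c>Message</c> when the credentials are rejected or
/// token creation fails.
/// </returns>
public LoginResult aaa(LoginRequest request)
{
    LoginResult rs = new LoginResult();

    // A missing request body is treated as a failed login instead of raising a
    // NullReferenceException.
    // NOTE(review): the user name and password are demo literals compared in plaintext.
    // A real implementation looks the user up and verifies a salted password hash.
    if (request == null || !(request.UserName == "admin" && request.Password == "123"))
    {
        rs.Success = false;
        rs.Message = "用户名或密码不正确";
        return rs;
    }

    // Login succeeded, so the user's identity data is available. In real development the
    // roles and permissions would be read from the database here.
    AuthInfo authInfo = new AuthInfo
    {
        IsAdmin = true,
        Roles = new List<string> { "admin", "owner" },
        UserName = "******"
    };

    // The payload is signed, not encrypted: anyone holding the token can read authInfo.
    var payload = new Dictionary<string, object>
    {
        { "authInfo", authInfo },
        { "exp", DateTimeOffset.UtcNow.AddSeconds(30).ToUnixTimeSeconds() }
    };

    try
    {
        // SecureKey is read from web.config and is the token signing key; it must stay secret.
        // NOTE(review): Encoding.Default is the platform default encoding, so a key containing
        // non-ASCII characters can produce different bytes on different machines. Confirm the
        // verifying side derives the key the same way before switching to a fixed encoding.
        byte[] key = Encoding.Default.GetBytes(ConfigurationManager.AppSettings["SecureKey"]);

        // HS256 is an HMAC signature algorithm.
        IJwtAlgorithm algorithm = new HMACSHA256Algorithm();
        IJsonSerializer serializer = new JsonNetSerializer();
        IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
        IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder);

        rs.Token = encoder.Encode(payload, key);
        rs.Success = true;
    }
    catch
    {
        // Best effort kept from the original: any failure (including a missing SecureKey
        // setting) is reported as a generic login failure. The cause is discarded here;
        // log it server-side once a logger is available in this class.
        rs.Success = false;
        rs.Message = "登陆失败";
    }

    return rs;
}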