Esempio n. 1
        /// <summary>
        /// Captures the signing secret and logger, then builds the JWT encoder and
        /// decoder around one shared serializer, URL encoder and HS256 algorithm.
        /// </summary>
        /// <param name="config">Options wrapper; <c>config.Value.Secret</c> supplies the signing secret.</param>
        /// <param name="logger">Logger kept in <c>_logger</c>.</param>
        /// <exception cref="ArgumentException">Thrown when <c>config.Value.Secret</c> is null.</exception>
        public JwtTokenProvider(IOptions <JwtTokenProviderOptions> config, ILogger <JwtTokenProvider> logger)
        {
            // NOTE(review): only a null secret is rejected here. An empty or very short
            // value would still be accepted as the HMAC key - confirm that length and
            // entropy are validated where the options are bound.
            _secret = config.Value.Secret ?? throw new ArgumentException("secret not defined");
            _logger = logger;

            // Collaborators shared by the encoder and the decoder.
            IJsonSerializer   jsonSerializer = new JsonNetSerializer();
            IBase64UrlEncoder base64Url      = new JwtBase64UrlEncoder();
            IJwtAlgorithm     hs256          = new HMACSHA256Algorithm();

            // The validator is bound to a UTC clock.
            IJwtValidator tokenValidator = new JwtValidator(jsonSerializer, new UtcDateTimeProvider());

            _encoder = new JwtEncoder(hs256, jsonSerializer, base64Url);

            // The decoder receives the algorithm explicitly; presumably this pins
            // verification to HS256 rather than to whatever the token header names
            // (confirm against the JWT library version in use).
            _decoder = new JwtDecoder(jsonSerializer, tokenValidator, base64Url, hs256);
        }
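        /// <summary>
        /// Verifies the supplied JWT, reads its <c>name</c> claim and returns a JSON
        /// envelope describing the user.
        /// </summary>
        /// <param name="token">Compact JWT string that was issued earlier.</param>
        /// <returns>
        /// A response whose JSON body comes from <c>RuleCommon.JsonStr</c>: status "ok" with a
        /// <c>LoginInfo</c> when the token verifies, otherwise status "error" with the
        /// exception message.
        /// </returns>
        public HttpResponseMessage UserInfo(string token)
        {
            string     result = string.Empty;
            RuleCommon rule   = new RuleCommon();

            try
            {
                IJsonSerializer   serializer = new JsonNetSerializer();
                IDateTimeProvider provider   = new UtcDateTimeProvider();
                IJwtValidator     validator  = new JwtValidator(serializer, provider);
                IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();

                // NOTE(review): no IJwtAlgorithm is passed to the decoder, so the library
                // presumably selects the algorithm from the token header. Pinning the
                // expected algorithm (e.g. HMACSHA256Algorithm) is the safer configuration -
                // confirm against the JWT library version in use.
                IJwtDecoder decoder = new JwtDecoder(serializer, validator, urlEncoder);

                // SECURITY: the verification key is a string literal in source. Anyone who can
                // read the code or the binary can mint valid tokens; load it from protected
                // configuration or a secret store and rotate the current value.
                // "token" is the string that was generated earlier.
                string json = decoder.Decode(token, "YYplayMerchant", verify: true).ToString();

                // Read the claim straight from the payload object; a missing claim is
                // reported explicitly instead of surfacing as a NullReferenceException.
                JToken nameClaim = JObject.Parse(json)["name"];
                if (nameClaim == null)
                {
                    throw new InvalidOperationException("token payload has no name claim");
                }
                string userName = nameClaim.ToString();

                // NOTE(review): every successfully verified token is mapped to user id 1 with
                // the super_admin role; only the name comes from the token. Roles and ids
                // should be derived from verified claims or a server-side lookup before this
                // is used for authorization.
                LoginInfo lginfo = new LoginInfo();

                lginfo.userid       = "1";
                lginfo.roleid       = "1";
                lginfo.token        = "";
                lginfo.cityid       = "1";
                lginfo.username     = userName;
                lginfo.roles        = "super_admin";
                lginfo.introduction = "super_admin";
                lginfo.avatar       = "super_admin";

                result = rule.JsonStr("ok", "", lginfo);
                return(new HttpResponseMessage {
                    Content = new StringContent(result, System.Text.Encoding.UTF8, "application/json")
                });
            }
            catch (Exception e)
            {
                // NOTE(review): the raw exception text is returned to the caller and the
                // response keeps the default success status code. Consider logging the detail
                // server-side and returning a generic message with an unauthorized status.
                result = rule.JsonStr("error", e.Message, "");
                return(new HttpResponseMessage {
                    Content = new StringContent(result, System.Text.Encoding.UTF8, "application/json")
                });
            }
        }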
Esempio n. 3
        /// <summary>
        /// Console demo: verifies a sample token against a sample secret and prints either
        /// the decoded payload or the reason verification failed.
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        private static void Main(string[] args)
        {
            #region Encode (sign)

            //// Add an entry named exp to the payload; its value is the number of seconds
            //// between the expiry time and 1970/1/1 00:00:00.
            //var payload = new Dictionary<string, object>
            //{
            //     { "UserId", 123 },
            //     { "UserName", "admin" }
            //};
            //var secret = "GQDstcKsx0NHjPOuXOYg5MbeJ1XT0uFiwDVvVBrk";// must not be disclosed

            //IJwtAlgorithm algorithm = new HMACSHA256Algorithm();
            //IJsonSerializer serializer = new JsonNetSerializer();
            //IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
            //IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder);

            //var token = encoder.Encode(payload, secret);
            //Console.WriteLine(token);

            #endregion Encode (sign)

            #region Decode (verify)

            // Demo-only values. A secret committed to source is effectively public; real code
            // should load it from protected configuration or a secret store.
            const string sampleToken   = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJVc2VySWQiOjEyMywiVXNlck5hbWUiOiJhZG1pbiJ9.Qjw1epD5P6p4Yy2yju3-fkq28PddznqRj3ESfALQy_U";
            const string signingSecret = "GQDstcKsx0NHjPOuXOYg5MbeJ1XT0uFiwDVvVBrk";

            try
            {
                IJsonSerializer   payloadSerializer = new JsonNetSerializer();
                IBase64UrlEncoder base64Url         = new JwtBase64UrlEncoder();
                IDateTimeProvider clock             = new UtcDateTimeProvider();
                IJwtValidator     claimsValidator   = new JwtValidator(payloadSerializer, clock);

                // NOTE(review): the decoder is built without an explicit IJwtAlgorithm;
                // confirm how the library version in use chooses the verification algorithm.
                IJwtDecoder tokenDecoder = new JwtDecoder(payloadSerializer, claimsValidator, base64Url);

                var decodedPayload = tokenDecoder.Decode(sampleToken, signingSecret, verify: true);
                Console.WriteLine(decodedPayload);
            }
            catch (FormatException)
            {
                Console.WriteLine("Token format invalid");
            }
            catch (TokenExpiredException)
            {
                // Kept ahead of the signature handler, as in the original ordering.
                Console.WriteLine("Token has expired");
            }
            catch (SignatureVerificationException)
            {
                Console.WriteLine("Token has invalid signature");
            }

            #endregion Decode (verify)
        }
Esempio n. 4
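        /// <summary>
        /// Checks the submitted credentials and, when they match, issues an HS256-signed
        /// token that carries the caller's <c>AuthInfo</c> and expires after 30 seconds.
        /// </summary>
        /// <param name="request">Login request carrying <c>UserName</c> and <c>Password</c>.</param>
        /// <returns>
        /// A <c>LoginResult</c> with <c>Success</c> and <c>Token</c> set on success, or
        /// <c>Success = false</c> and a <c>Message</c> on failure.
        /// </returns>
        public LoginResult aaa(LoginRequest request)
        {
            LoginResult rs = new LoginResult();

            // Demo placeholder: assumes the user name is "admin" and the password is "123".
            // NOTE(review): literal credentials compared in code must not ship; real code
            // should look the user up and verify a salted password hash.
            if (!(request.UserName == "admin" && request.Password == "123"))
            {
                rs.Success = false;
                rs.Message = "用户名或密码不正确";
                return(rs);
            }

            // After a successful login the user's identity data is available. In real
            // development the roles and permissions must be loaded from the database
            // instead of being fixed here.
            AuthInfo authInfo = new AuthInfo
            {
                IsAdmin = true,
                Roles   = new List <string> {
                    "admin", "owner"
                },
                UserName = "******"
            };

            // "exp" is the expiry as seconds since the Unix epoch, 30 seconds from now.
            var payload = new Dictionary <string, object>
            {
                { "authInfo", authInfo },
                { "exp", DateTimeOffset.UtcNow.AddSeconds(30).ToUnixTimeSeconds() }
            };

            try
            {
                // SecureKey is the token signing key configured in web.config; it must
                // never be disclosed.
                string secureKey = ConfigurationManager.AppSettings["SecureKey"];

                // A missing or empty key would produce tokens signed with no secret at all,
                // so treat it as a failed login rather than issuing a token.
                if (string.IsNullOrEmpty(secureKey))
                {
                    rs.Success = false;
                    rs.Message = "登陆失败";
                    return(rs);
                }

                // UTF-8 gives the same key bytes on every machine; Encoding.Default depends on
                // the platform code page. Whatever verifies these tokens must derive the key
                // the same way (identical bytes for ASCII-only keys).
                byte[] key = Encoding.UTF8.GetBytes(secureKey);

                // Sign with HS256.
                IJwtAlgorithm     algorithm  = new HMACSHA256Algorithm();
                IJsonSerializer   serializer = new JsonNetSerializer();
                IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
                IJwtEncoder       encoder    = new JwtEncoder(algorithm, serializer, urlEncoder);

                rs.Token   = encoder.Encode(payload, key);
                rs.Success = true;
            }
            catch
            {
                // Best-effort: any failure while building the token is reported as a failed
                // login. NOTE(review): the cause is discarded; consider logging it server-side.
                rs.Success = false;
                rs.Message = "登陆失败";
            }

            return(rs);
        }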