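/// <summary>
/// Validates a token of the form <c>iv.ciphertext.signature</c> and returns the user
/// information carried in its encrypted payload.
/// </summary>
/// <param name="token">The three-segment, dot-separated token presented by the caller.</param>
/// <returns>
/// The payload's user info when the signature verifies and the token has not expired;
/// <c>null</c> when the token is missing, malformed, fails verification or is expired.
/// </returns>
public User GetUser(string token)
{
    // The token is attacker-controlled: reject missing or mis-shaped input with the same
    // null result as any other failure instead of throwing on Split or the array indexers.
    if (string.IsNullOrEmpty(token))
    {
        return null;
    }

    var split = token.Split('.');

    // Exactly three segments are expected; extra segments would not be covered by the MAC.
    if (split.Length != 3)
    {
        return null;
    }

    var iv = split[0];
    var encrypt = split[1];
    var signature = split[2];

    // Verify the signature before decrypting anything (MAC over "iv.ciphertext").
    // NOTE(review): the HMAC key is the first 64 characters of `key` and the AES key below is
    // the first 16 characters of the same string, so the AES key is a prefix of the HMAC key.
    // Independent keys per primitive would be preferable. Substring also throws if `key` is
    // shorter than 64 characters.
    string expected = TokenCrypto.ComputeHMACSHA256(iv + "." + encrypt, key.Substring(0, 64));
    if (expected == null || signature.Length != expected.Length)
    {
        return null;
    }

    // Compare every character regardless of where the first mismatch is, so the time taken
    // does not reveal how much of a guessed signature was correct.
    var diff = 0;
    for (var i = 0; i < expected.Length; i++)
    {
        diff |= signature[i] ^ expected[i];
    }

    if (diff != 0)
    {
        return null;
    }

    // Decrypt the payload with AES. This is reached only for tokens whose MAC verified.
    var base64 = TokenCrypto.AESDecrypt(encrypt, key.Substring(0, 16), iv);
    var json = Encoding.UTF8.GetString(Convert.FromBase64String(base64));
    var payload = JsonConvert.DeserializeObject<Payload>(json);

    // A JSON "null" document deserializes to null; treat it as an invalid token.
    if (payload == null)
    {
        return null;
    }

    // Check expiry.
    // NOTE(review): DateTime.Now is local time, so this value equals Unix time only when the
    // server's zone is UTC. It is left unchanged because it must match how the issuer computes
    // Exp - confirm and move both sides to UTC together. Convert.ToInt32 will throw
    // OverflowException once the second count exceeds int.MaxValue (year 2038).
    var now = Convert.ToInt32((DateTime.Now - new DateTime(1970, 1, 1)).TotalSeconds);
    if (payload.Exp < now)
    {
        return null;
    }

    return payload.Info;
}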
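/// <summary>
/// Validates a token of the form <c>iv.ciphertext.signature</c> and builds a
/// <see cref="ClaimsPrincipal"/> from the user information in its encrypted payload.
/// </summary>
/// <param name="token">The three-segment, dot-separated token presented by the caller.</param>
/// <returns>
/// A principal carrying the NameIdentifier, Name, "Account" and Email claims when the signature
/// verifies and the token has not expired; <c>null</c> when the token is missing, malformed,
/// fails verification or is expired.
/// </returns>
public ClaimsPrincipal GetPrincipal(string token)
{
    // The token is attacker-controlled: reject missing or mis-shaped input with the same
    // null result as any other failure instead of throwing on Split or the array indexers.
    if (string.IsNullOrEmpty(token))
    {
        return null;
    }

    var split = token.Split('.');

    // Exactly three segments are expected; extra segments would not be covered by the MAC.
    if (split.Length != 3)
    {
        return null;
    }

    var iv = split[0];
    var encrypt = split[1];
    var signature = split[2];

    // Verify the signature before decrypting anything (MAC over "iv.ciphertext").
    // NOTE(review): the HMAC key is the first 64 characters of `Key` and the AES key below is
    // the first 16 characters of the same string, so the AES key is a prefix of the HMAC key.
    // Independent keys per primitive would be preferable. Substring also throws if `Key` is
    // shorter than 64 characters.
    string expected = TokenCrypto.ComputeHMACSHA256($"{iv}.{encrypt}", Key.Substring(0, 64));
    if (expected == null || signature.Length != expected.Length)
    {
        return null;
    }

    // Compare every character regardless of where the first mismatch is, so the time taken
    // does not reveal how much of a guessed signature was correct.
    var diff = 0;
    for (var i = 0; i < expected.Length; i++)
    {
        diff |= signature[i] ^ expected[i];
    }

    if (diff != 0)
    {
        return null;
    }

    // Decrypt the payload with AES. This is reached only for tokens whose MAC verified.
    var base64 = TokenCrypto.AESDecrypt(encrypt, Key.Substring(0, 16), iv);
    var json = Encoding.UTF8.GetString(Convert.FromBase64String(base64));
    var payload = JsonConvert.DeserializeObject<Payload>(json);

    // A JSON "null" document deserializes to null; treat it as an invalid token.
    if (payload == null)
    {
        return null;
    }

    // Check expiry.
    // NOTE(review): DateTime.Now is local time, so this value equals Unix time only when the
    // server's zone is UTC. It is left unchanged because it must match how the issuer computes
    // exp - confirm and move both sides to UTC together. Convert.ToInt32 will throw
    // OverflowException once the second count exceeds int.MaxValue (year 2038).
    var now = Convert.ToInt32((DateTime.Now - new DateTime(1970, 1, 1)).TotalSeconds);
    if (payload.exp < now)
    {
        return null;
    }

    // NOTE(review): the identity is created without an authentication type, so
    // ClaimsIdentity.IsAuthenticated is false for the returned principal. Confirm that callers
    // do not rely on IsAuthenticated or [Authorize]-style checks before changing this.
    var claims = new ClaimsIdentity(
        new[]
        {
            new Claim(ClaimTypes.NameIdentifier, payload.info.EmployeeNo.ToString()),
            new Claim(ClaimTypes.Name, payload.info.UserName),
            new Claim("Account", payload.info.Account),
            new Claim(ClaimTypes.Email, payload.info.EmailAccount)
        });

    return new ClaimsPrincipal(claims);
}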