/// <summary> /// Serializes the jwt. /// </summary> /// <returns>The jwt.</returns> /// <param name="jwtStr">Jwt string.</param> public static TokenModelJWT SerializeJWT(string jwtStr) { var jwtHandler = new JwtSecurityTokenHandler(); var jwtToken = jwtHandler.ReadJwtToken(jwtStr); var role = new object(); try { jwtToken.Payload.TryGetValue("Role", out role); } catch (Exception e) { Console.WriteLine(e); throw; } var tm = new TokenModelJWT { Uid = Convert.ToInt32(jwtToken.Id), Role = role != null?role.ToString() : "" }; return(tm); }
/// <summary> /// 颁发JWT字符串 /// </summary> /// <param name="tokenModel"></param> /// <returns></returns> public static string IssueJWT(TokenModelJWT tokenModel) { var dateTime = DateTime.UtcNow; var claims = new Claim[] { new Claim(JwtRegisteredClaimNames.Jti, tokenModel.Uid.ToString()), //Id new Claim("Role", tokenModel.Role), //角色 new Claim(JwtRegisteredClaimNames.Iat, dateTime.ToString(), ClaimValueTypes.Integer64) }; //秘钥 var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(JwtHelper.secretKey)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var jwt = new JwtSecurityToken( issuer: "Blog.Core", claims: claims, //生命集合 signingCredentials: creds); var jwtHandler = new JwtSecurityTokenHandler(); var encodedJwt = jwtHandler.WriteToken(jwt); return(encodedJwt); }
public Task Invoke(HttpContext httpContext) { //检测是否包含'Authorization'请求头 if (!httpContext.Request.Headers.ContainsKey("Authorization")) { return(_next(httpContext)); } var tokenHeader = httpContext.Request.Headers["Authorization"].ToString(); TokenModelJWT tm = JwtHelper.SerializeJWT(tokenHeader);//序列化token,获取授权 //授权 注意这个可以添加多个角色声明,请注意这是一个 list var claimList = new List <Claim>(); var claim = new Claim(ClaimTypes.Role, tm.Role); claimList.Add(claim); var identity = new ClaimsIdentity(claimList); var principal = new ClaimsPrincipal(identity); httpContext.User = principal; return(_next(httpContext)); }
/// <summary> /// 颁发JWT字符串 /// </summary> /// <returns>The jwt.</returns> /// <param name="tokenModel">Token model.</param> public static string IssueJWT(TokenModelJWT tokenModel) { var dateTime = DateTime.UtcNow; var claims = new Claim[] { new Claim(JwtRegisteredClaimNames.Jti, tokenModel.Uid.ToString()), new Claim("Role", tokenModel.Role), new Claim(JwtRegisteredClaimNames.Iat, dateTime.ToString(), ClaimValueTypes.Integer64) }; //var claims = new Claim[] //{ // new Claim(JwtRegisteredClaimNames.Jti,Guid.NewGuid().ToString()), // new Claim(JwtRegisteredClaimNames.Iat,$"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"), // new Claim(JwtRegisteredClaimNames.Nbf,$"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"), // new Claim(JwtRegisteredClaimNames.Exp,$"{new DateTimeOffset(DateTime.Now.AddSeconds(100)).ToUnixTimeSeconds()}"), // new Claim(JwtRegisteredClaimNames.Iss,"Blog.Core"), // new Claim(JwtRegisteredClaimNames.Aud,"wr"), // new Claim(ClaimTypes.Role,tokenModel.Role) //} //密钥 var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(JwtHelper.SecretKey)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var jwt = new JwtSecurityToken( issuer: "Blog.Core", claims: claims, expires: dateTime.AddHours(2), signingCredentials: creds ); var jwtHandler = new JwtSecurityTokenHandler(); var encodeJwt = jwtHandler.WriteToken(jwt); return(encodeJwt); }