public Task Invoke(HttpContext httpContext) { var headers = httpContext.Request.Headers; if (!headers.ContainsKey("Authorization")) { return(_next(httpContext)); } var tokenStr = headers["Authorization"]; try { string JwtStr = tokenStr.ToString().Substring("Bearer ".Length).Trim(); if (!MyMemoryCache.Exists(JwtStr)) { return(httpContext.Response.WriteAsync("非法请求")); } TokenModel model = (TokenModel)MyMemoryCache.Get(JwtStr); List <Claim> lc = new List <Claim>(); Claim c = new Claim(model.Sub + "Type", model.Sub); lc.Add(c); ClaimsIdentity identity = new ClaimsIdentity(lc); ClaimsPrincipal principal = new ClaimsPrincipal(identity); httpContext.User = principal; return(_next(httpContext)); } catch (Exception) { return(httpContext.Response.WriteAsync("token验证异常")); //throw; } }
/// <summary> /// 获取JWT字符串并存入缓存 /// </summary> /// <param name="tm"></param> /// <param name="expireSliding"></param> /// <param name="expireAbsoulte"></param> /// <returns></returns> public static string IssueJWT(TokenModel tokenModel, TimeSpan expiresSliding, TimeSpan expiresAbsoulte) { DateTime UTC = DateTime.UtcNow; Claim[] claims = new Claim[] { new Claim(JwtRegisteredClaimNames.Sub, tokenModel.Sub), //Subject, new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), //JWT ID,JWT的唯一标识 new Claim(JwtRegisteredClaimNames.Iat, UTC.ToString(), ClaimValueTypes.Integer64), //Issued At,JWT颁发的时间,采用标准unix时间,用于验证过期 }; JwtSecurityToken jwt = new JwtSecurityToken( issuer: "Frozen", //jwt签发者,非必须 audience: tokenModel.Uname, //jwt的接收该方,非必须 claims: claims, //声明集合 expires: UTC.AddHours(12), //指定token的生命周期,unix时间戳格式,非必须 signingCredentials: new Microsoft.IdentityModel.Tokens .SigningCredentials(new SymmetricSecurityKey(Encoding.ASCII.GetBytes("Frozen's Secret Key")), SecurityAlgorithms.HmacSha256)); //使用私钥进行签名加密 var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); //生成最后的JWT字符串 MyMemoryCache.AddMemoryCache(encodedJwt, tokenModel, expiresSliding, expiresAbsoulte); //将JWT字符串和tokenModel作为key和value存入缓存 return(encodedJwt); }