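/// <summary>
/// Checks whether a stored grant token authorizes an action on a resource.
/// </summary>
/// <remarks>
/// The token is looked up in the <c>ResourceGrantInfo</c> set by exact match. The grant row
/// and the descriptor parsed from it each carry an expiry, and both are checked.
/// </remarks>
/// <param name="token">Grant token presented by the caller.</param>
/// <param name="resourceName">Name of the resource being accessed.</param>
/// <param name="action">Operation requested on the resource.</param>
/// <returns>
/// <c>true</c> only when the grant exists, neither expiry has passed, and the descriptor
/// allows <paramref name="action"/> on <paramref name="resourceName"/>; otherwise <c>false</c>.
/// </returns>
public async Task<bool> IsValidAsync(string token, string resourceName, string action)
{
    // Fail closed on a missing token. Without this guard a null or blank value is sent to
    // the store as a lookup key and could match a grant row whose Token column is null or empty.
    if (string.IsNullOrWhiteSpace(token))
    {
        return false;
    }

    var grant = await _dbContext.Set<ResourceGrantInfo>().FirstOrDefaultAsync(t => t.Token == token);

    // NOTE(review): expiry is compared with local time (DateTime.Now); confirm ExpireDt is
    // written as local time rather than UTC, otherwise grants expire early or late.
    if (grant == null || grant.ExpireDt < DateTime.Now)
    {
        return false;
    }

    var resourceDescriptor = ResourceDescriptor.FromString(grant.ResourceDescriptor);

    // The descriptor has its own expiry, checked independently of the grant row's.
    if (resourceDescriptor == null || resourceDescriptor.GetExpireDt() < DateTime.Now)
    {
        return false;
    }

    return resourceDescriptor.IsValid(resourceName, action);
}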
/// <summary>
/// Checks whether a signed JWT authorizes an action on a resource.
/// </summary>
/// <remarks>
/// The token's signature and lifetime are validated with a symmetric key built from
/// <c>_secretKey</c>. The resource descriptor is then read from the
/// <c>stm/auth/token</c> claim and evaluated.
/// </remarks>
/// <param name="token">JWT presented by the caller.</param>
/// <param name="resourceName">Name of the resource being accessed.</param>
/// <param name="action">Operation requested on the resource.</param>
/// <returns>
/// <c>true</c> only when the token validates, the descriptor claim is present and unexpired,
/// and the descriptor allows <paramref name="action"/> on <paramref name="resourceName"/>;
/// otherwise <c>false</c>.
/// </returns>
public async Task<bool> IsValidAsync(string token, string resourceName, string action)
{
    var validationParameters = new TokenValidationParameters
    {
        // The signature is verified with a key derived from the UTF-8 bytes of _secretKey.
        // NOTE(review): the key is only as strong as that string; confirm it is long and random.
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_secretKey)),

        // Issuer and audience are not checked, so any token signed with this key is accepted
        // whichever service minted it and whoever it was meant for.
        // NOTE(review): confirm the key is not shared with other token issuers.
        ValidateIssuer = false,
        ValidateAudience = false,

        // Expired tokens are rejected. ClockSkew is not set here, so the library default applies.
        ValidateLifetime = true,
    };

    ClaimsPrincipal principal;
    try
    {
        SecurityToken validatedToken;
        principal = new JwtSecurityTokenHandler().ValidateToken(token, validationParameters, out validatedToken);
    }
    catch (Exception)
    {
        // Any validation failure is reported as "not authorized".
        // NOTE(review): nothing is logged here, so rejected tokens leave no audit trail.
        return false;
    }

    // The claim type is matched case-sensitively.
    var descriptorClaim = principal.Claims.FirstOrDefault(c => c.Type == "stm/auth/token");
    var descriptorText = descriptorClaim?.Value;
    if (string.IsNullOrWhiteSpace(descriptorText))
    {
        return false;
    }

    var descriptor = ResourceDescriptor.FromString(descriptorText);
    if (descriptor == null)
    {
        return false;
    }

    // The descriptor's own expiry is checked against local time, separately from the JWT lifetime.
    if (descriptor.GetExpireDt() < DateTime.Now)
    {
        return false;
    }

    return descriptor.IsValid(resourceName, action);
}