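/// <summary>
/// Validates a compact JWT string and maps it to a <see cref="TokenModelJWT"/>.
/// </summary>
/// <remarks>
/// The token's signature, issuer, audience and lifetime are verified before any
/// claim is read. Decoding alone (<c>ReadJwtToken</c>) performs no verification, so
/// a role taken from a merely decoded token is whatever the sender wrote into it.
/// The expected issuer ("Blog.Core"), audience ("wr") and HMAC-SHA256 key are the
/// ones <c>IssueJWT</c> uses when it creates tokens.
/// </remarks>
/// <param name="jwtStr">Compact-serialized JWT, without any "Bearer " prefix.</param>
/// <returns>
/// A model carrying the token id (jti) as <c>Uid</c> and the role claim as <c>Role</c>
/// (<see cref="string.Empty"/> when the token has no role claim).
/// </returns>
/// <exception cref="ArgumentException">
/// May be thrown by the handler when <paramref name="jwtStr"/> is null, empty or not a
/// well-formed JWT.
/// </exception>
/// <exception cref="Microsoft.IdentityModel.Tokens.SecurityTokenException">
/// Thrown when the signature, issuer, audience, lifetime or algorithm check fails.
/// Callers should treat this as "not authenticated".
/// </exception>
public static TokenModelJWT SerializeJWT(string jwtStr)
{
    var validationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
    {
        // Signature: same symmetric key that IssueJWT signs with.
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(
            System.Text.Encoding.UTF8.GetBytes(JwtHelper.secretKey)),

        // Issuer / audience: the literal values IssueJWT puts into the token.
        ValidateIssuer = true,
        ValidIssuer = "Blog.Core",
        ValidateAudience = true,
        ValidAudience = "wr",

        // Lifetime: reject tokens without exp and tokens outside nbf/exp.
        ValidateLifetime = true,
        RequireExpirationTime = true
    };

    var jwtHandler = new JwtSecurityTokenHandler();
    Microsoft.IdentityModel.Tokens.SecurityToken validatedToken;
    jwtHandler.ValidateToken(jwtStr, validationParameters, out validatedToken);

    // Pin the algorithm to the one this application issues, instead of trusting
    // whatever the token header announces.
    var jwtToken = validatedToken as JwtSecurityToken;
    if (jwtToken == null ||
        !string.Equals(
            jwtToken.Header.Alg,
            Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256,
            StringComparison.Ordinal))
    {
        throw new Microsoft.IdentityModel.Tokens.SecurityTokenException(
            "Token is not a JWT signed with the expected algorithm.");
    }

    // The role is stored in the payload under the ClaimTypes.Role key.
    object role;
    jwtToken.Payload.TryGetValue(ClaimTypes.Role, out role);

    return new TokenModelJWT
    {
        Uid = (jwtToken.Id).ObjectToInt(),
        Role = role != null ? role.ObjectToString() : string.Empty
    };
}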
/// <summary>
/// Builds an HMAC-SHA256 signed JWT for the given user model and returns it in
/// compact serialized form.
/// </summary>
/// <remarks>
/// NOTE(review): the value and origin of <c>JwtHelper.secretKey</c> are not visible
/// here. It should be loaded from protected configuration rather than source code,
/// and be long and random enough for HMAC-SHA256 - confirm.
/// </remarks>
/// <param name="tokenModel">Supplies the user id (written as jti) and the role claim.</param>
/// <returns>The signed token string.</returns>
public static string IssueJWT(TokenModelJWT tokenModel)
{
    var tokenId = tokenModel.Uid.ToString();

    // Registered time claims, expressed as Unix seconds.
    var issuedAt = $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}";
    var notBefore = $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}";

    // The token expires 100 seconds after issuance. The original comment warns that
    // the JWT validator has its own expiry allowance (presumably its clock-skew
    // tolerance), so a token may be accepted somewhat longer than this.
    var expiresAt = $"{new DateTimeOffset(DateTime.Now.AddSeconds(100)).ToUnixTimeSeconds()}";

    Claim[] claims =
    {
        new Claim(JwtRegisteredClaimNames.Jti, tokenId),
        new Claim(JwtRegisteredClaimNames.Iat, issuedAt),
        new Claim(JwtRegisteredClaimNames.Nbf, notBefore),
        new Claim(JwtRegisteredClaimNames.Exp, expiresAt),
        new Claim(JwtRegisteredClaimNames.Iss, "Blog.Core"),
        new Claim(JwtRegisteredClaimNames.Aud, "wr"),
        // Role claim in the form the Microsoft authentication middleware reads.
        new Claim(ClaimTypes.Role, tokenModel.Role)
    };

    // Symmetric signing key derived from the shared secret.
    var signingCredentials = new SigningCredentials(
        new SymmetricSecurityKey(Encoding.UTF8.GetBytes(JwtHelper.secretKey)),
        SecurityAlgorithms.HmacSha256);

    var token = new JwtSecurityToken(
        issuer: "Blog.Core",
        claims: claims,
        signingCredentials: signingCredentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}
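/// <summary>
/// Reads the Authorization header, resolves the JWT it carries and attaches a
/// principal holding the token's role claim to the request.
/// </summary>
/// <remarks>
/// Requests without an Authorization header, or with a value that cannot be resolved
/// to a token model, continue down the pipeline without a principal being attached,
/// so later authorization decides the outcome. Previously any unparsable header
/// (another scheme, a truncated token) surfaced as an unhandled exception.
/// NOTE(review): the role attached here is only as trustworthy as
/// <c>JwtHelper.SerializeJWT</c>. That helper must verify the token's signature and
/// lifetime; if it only decodes the token, the role claim is sender-controlled.
/// </remarks>
/// <param name="httpContext">The current request context.</param>
/// <returns>The task of the next middleware in the pipeline.</returns>
public Task Invoke(HttpContext httpContext)
{
    if (!httpContext.Request.Headers.ContainsKey("Authorization"))
    {
        return _next(httpContext);
    }

    // Strip the scheme only where it belongs: at the start of the header value.
    // A bare token without the prefix is still accepted, as before.
    const string bearerPrefix = "Bearer ";
    var headerValue = httpContext.Request.Headers["Authorization"].ToString();
    var token = headerValue.StartsWith(bearerPrefix, System.StringComparison.OrdinalIgnoreCase)
        ? headerValue.Substring(bearerPrefix.Length).Trim()
        : headerValue.Trim();

    TokenModelJWT tm;
    try
    {
        tm = JwtHelper.SerializeJWT(token);
    }
    catch (System.Exception ex)
    {
        // Fail closed: a rejected or malformed token leaves the request without the
        // role principal. Only the exception type is logged, never the token.
        System.Console.WriteLine("JWT rejected: " + ex.GetType().Name);
        return _next(httpContext);
    }

    // No authentication type is passed, so ClaimsIdentity.IsAuthenticated stays
    // false for this identity; this matches the original behaviour.
    var identity = new ClaimsIdentity(new List<Claim>
    {
        new Claim(ClaimTypes.Role, tm.Role)
    });
    httpContext.User = new ClaimsPrincipal(identity);

    return _next(httpContext);
}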