Пример #1
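        /// <summary>
        /// Validates a signed JWT for the expected audience and returns the user name it carries.
        /// </summary>
        /// <remarks>
        /// Fails closed: missing input, key material that cannot be loaded, a bad signature, an
        /// issuer or audience mismatch, a lifetime rejection, or a missing/blank NameIdentifier
        /// claim all yield <c>null</c>. Callers must treat <c>null</c> as "not authenticated".
        /// </remarks>
        /// <param name="tokenString">Compact serialized JWT received from the caller.</param>
        /// <param name="audience">Audience the token must have been issued for.</param>
        /// <returns>The NameIdentifier claim value, or <c>null</c> when the token is rejected.</returns>
        public string ValidateJwtToken(string tokenString, string audience)
        {
            // Reject obviously unusable input up front instead of relying on the handler to throw.
            if (string.IsNullOrWhiteSpace(tokenString) || string.IsNullOrWhiteSpace(audience))
            {
                return null;
            }

            try
            {
                string keyDir = AppDomain.CurrentDomain.BaseDirectory;
                if (!RSAUtils.TryGetKeyParameters(keyDir, false, out RSAParameters keyparams))
                {
                    // A key-loading failure is a deployment problem, not a bad token. The result is
                    // still null (fail closed), but leave a trace so that "every token is rejected"
                    // can be told apart from "this token is invalid".
                    System.Diagnostics.Trace.TraceError("ValidateJwtToken: failed to read the RSA key file; token rejected.");
                    return null;
                }

                var validationParameters = new TokenValidationParameters
                {
                    // Spelled out so that signature, issuer and audience checks do not silently
                    // depend on library defaults.
                    RequireSignedTokens = true,
                    ValidateIssuer      = true,
                    ValidIssuer         = ConfigurationManager.AppSettings["Jwt_Issuer"] ?? "DM.UBP",
                    ValidateAudience    = true,
                    ValidAudience       = audience,
                    IssuerSigningKey    = new RsaSecurityKey(keyparams),
                    ValidateLifetime    = true,
                    // NOTE(review): LifetimeValidator is defined outside this block. A custom delegate
                    // presumably takes over the built-in expiry checks; confirm it rejects tokens with
                    // a missing or past expiry.
                    LifetimeValidator   = LifetimeValidator,
                    // NOTE(review): the accepted signature algorithm is not pinned here. Consider
                    // restricting it to the RSA-SHA256 algorithm used at issuance (ValidAlgorithms,
                    // where the installed library version provides it).
                };

                var handler = new JwtSecurityTokenHandler();
                ClaimsPrincipal principal = handler.ValidateToken(tokenString, validationParameters, out SecurityToken _);

                Claim subject = principal.FindFirst(ClaimTypes.NameIdentifier);

                // A token without a usable subject must not authenticate anyone.
                if (subject == null || string.IsNullOrWhiteSpace(subject.Value))
                {
                    return null;
                }

                return subject.Value;
            }
            catch (Exception)
            {
                // Deliberate catch-all: any validation or parsing failure means "not authenticated".
                // Input that reaches the handler is attacker-controlled, so no exception type may escape.
                return null;
            }
        }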
Пример #2
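        /// <summary>
        /// Issues an RSA-SHA256 signed JWT carrying the user name, role and a jti for the given audience.
        /// </summary>
        /// <remarks>
        /// The issuer comes from the <c>Jwt_Issuer</c> app setting ("DM.UBP" when absent) and the
        /// lifetime from <c>Jwt_ExpireMinutes</c> (30 when absent).
        /// </remarks>
        /// <param name="username">User name stored in the NameIdentifier claim; must not be null or blank.</param>
        /// <param name="role">Role stored in the Role claim; <c>null</c> becomes an empty string.</param>
        /// <param name="audience">Intended recipient of the token (the "aud" value).</param>
        /// <returns>The compact serialized token.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="username"/> is null.</exception>
        /// <exception cref="ArgumentException"><paramref name="username"/> is empty or whitespace.</exception>
        /// <exception cref="InvalidOperationException">The RSA key file could not be read.</exception>
        public string GenerateJwtToken(string username, string role, string audience)
        {
            // Never sign a token that names nobody: a blank subject would pass validation and
            // hand callers an empty user name.
            if (username == null)
            {
                throw new ArgumentNullException(nameof(username));
            }

            if (string.IsNullOrWhiteSpace(username))
            {
                throw new ArgumentException("username must not be empty.", nameof(username));
            }

            // NOTE(review): Convert.ToDouble parses with the current culture, and a zero or negative
            // setting would produce a token that is already expired; confirm the configured value.
            double lifetimeMinutes = Convert.ToDouble(ConfigurationManager.AppSettings["Jwt_ExpireMinutes"] ?? "30");

            // UTC avoids the ambiguous local hour around daylight-saving changes skewing the expiry.
            DateTime expire = DateTime.UtcNow.AddMinutes(lifetimeMinutes);

            string keyDir = AppDomain.CurrentDomain.BaseDirectory;
            if (!RSAUtils.TryGetKeyParameters(keyDir, true, out RSAParameters keyparams))
            {
                // More specific than the base Exception; existing catch (Exception) handlers still catch it.
                throw new InvalidOperationException("读取RSA密钥文件失败!");
            }

            var key = new RsaSecurityKey(keyparams);

            // jti identifies this token.
            // NOTE(review): the value is a deterministic MD5 digest of audience + username + expiry,
            // so two tokens issued for the same user and audience with the same expiry value share a
            // jti, and the value is predictable. If jti is used for revocation or replay detection, a
            // random identifier would be safer; confirm that nothing recomputes it before changing it.
            string jti = (audience + username + expire.GetMilliseconds()).ToMd5Hash();

            var claims = new[]
            {
                new Claim(ClaimTypes.Role, role ?? string.Empty), // role information
                new Claim(ClaimTypes.NameIdentifier, username),   // user name
                new Claim("jti", jti, ClaimValueTypes.String)     // token identifier
            };

            var jwtToken = new JwtSecurityToken(
                issuer: ConfigurationManager.AppSettings["Jwt_Issuer"] ?? "DM.UBP",
                audience: audience,
                claims: claims,
                expires: expire,
                signingCredentials: new SigningCredentials(key, SecurityAlgorithms.RsaSha256Signature));

            return new JwtSecurityTokenHandler().WriteToken(jwtToken);
        }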