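/// <summary>
/// Authorizes the request by validating the JWT carried in the
/// <c>access_token</c> cookie against <c>SysContext.JwtTokenValidationParameters</c>,
/// and records the outcome in <c>AlertMsg</c>.
/// </summary>
/// <param name="actionContext">The Web API action context (not read by this method).</param>
/// <returns>
/// <c>true</c> only when the token validated and is a <c>JwtSecurityToken</c>;
/// <c>false</c> when the cookie is absent or validation fails.
/// </returns>
/// <remarks>
/// Which checks actually run (signature, issuer, audience, lifetime) is decided by
/// <c>SysContext.JwtTokenValidationParameters</c>, which is configured outside this block.
/// </remarks>
protected override bool IsAuthorized(HttpActionContext actionContext)
{
    // Fail closed when there is no HTTP context or no cookie. The original dereferenced
    // Cookies["access_token"].Value directly, so an anonymous request without the cookie
    // raised a NullReferenceException instead of being rejected.
    var httpContext = HttpContext.Current;
    var cookie = httpContext == null ? null : httpContext.Request.Cookies["access_token"];
    if (cookie == null || string.IsNullOrEmpty(cookie.Value))
    {
        AlertMsg = new JwtTokenAlertMsg() { Message = "Missing access_token cookie" };
        return false;
    }

    string access_token = cookie.Value;
    var handler = new JwtSecurityTokenHandler();

    // The verdict is built in a local and returned from that local. AlertMsg is instance
    // state; NOTE(review): if this filter instance is reused across concurrent requests,
    // re-reading AlertMsg for the return value could pick up another request's result.
    // Confirm the instance lifetime, and consider not keeping per-request data on the filter.
    JwtTokenAlertMsg result;
    try
    {
        SecurityToken validToken = null;

        // ValidateToken is the only call that enforces the token checks. The unvalidated
        // ReadToken/ReadJwtToken parses that followed it were unused and have been dropped.
        handler.ValidateToken(access_token, SysContext.JwtTokenValidationParameters, out validToken);

        var validJwt = validToken as JwtSecurityToken;
        if (validJwt == null)
        {
            result = new JwtTokenAlertMsg() { Message = "Invalid JWT" };
        }
        else
        {
            result = new JwtTokenAlertMsg(true, "验证成功!")
            {
                statusCode = "200",
                // Full validity window of the token (ValidTo - ValidFrom), not the time remaining.
                expires_in = (int)(validJwt.ValidTo - validJwt.ValidFrom).TotalSeconds,
                access_token = access_token
            };
        }
    }
    catch (SecurityTokenValidationException ex)
    {
        // Validation failure reported by the handler (the exact check is described by ex.Message).
        result = new JwtTokenAlertMsg() { Message = ex.Message };
    }
    catch (ArgumentException ex)
    {
        // Argument errors raised by the handler, e.g. a token string it cannot parse.
        result = new JwtTokenAlertMsg() { Message = ex.Message };
    }

    AlertMsg = result;
    return result.IsSuccess;
}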
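/// <summary>
/// Checks the supplied credentials and, when they are accepted, issues an
/// HMAC-SHA256 signed JWT carrying <c>sub</c>, <c>jti</c> and <c>iat</c> claims.
/// </summary>
/// <param name="model">
/// Carries the user name and password, plus the issuer, audience, lifetime and signing key
/// used to build the token.
/// </param>
/// <returns>
/// A message with <c>statusCode</c> "200" and the encoded token on success, or
/// <c>statusCode</c> "400" when the model is missing or the credentials are rejected.
/// </returns>
/// <remarks>
/// NOTE(review): <c>SigningKey</c>, <c>Issuer</c>, <c>Audience</c> and <c>Expiration</c> are read
/// from the same model as the credentials. If that model is bound from the request body, these
/// values should come from server-side configuration instead, so that a caller cannot choose the
/// token lifetime or key material. Confirm how the model is populated.
/// </remarks>
public JwtTokenAlertMsg GetAuthToken(JwtUserViewModel model)
{
    // A missing model is treated like bad credentials rather than dereferenced.
    if (model == null)
    {
        return new JwtTokenAlertMsg
        {
            statusCode = "400",
            Message = "Invalid username or password."
        };
    }

    var username = model.UserName;
    var password = model.Password;

    // Credential verification is delegated to GetClaimsIdentity; null means rejected.
    var identity = GetClaimsIdentity(username, password);
    if (identity == null)
    {
        return new JwtTokenAlertMsg
        {
            statusCode = "400",
            Message = "Invalid username or password."
        };
    }

    // JWT time claims are defined in UTC, so the issue time is taken from the UTC clock
    // instead of the server's local time (the original used DateTime.Now).
    var now = DateTime.UtcNow;

    var claims = new Claim[]
    {
        new Claim(JwtRegisteredClaimNames.Sub, username),
        // A fresh GUID per token gives each token a unique identifier.
        new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
        new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(now).ToString(), ClaimValueTypes.Integer64)
    };

    // NOTE(review): Encoding.ASCII maps every non-ASCII character to '?', which reduces the
    // key's effective entropy. It is left unchanged because the bytes must match whatever the
    // validating side derives from the same secret. Key length and randomness are not checked here.
    var securityKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(model.SigningKey));
    var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);

    var jwt = new JwtSecurityToken(
        issuer: model.Issuer,
        audience: model.Audience,
        claims: claims,
        notBefore: now,
        expires: now.Add(model.Expiration),
        signingCredentials: signingCredentials);

    var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);

    return new JwtTokenAlertMsg
    {
        statusCode = "200",
        Message = "登录成功",
        access_token = encodedJwt,
        expires_in = (int)model.Expiration.TotalSeconds,
    };
}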