/// <summary> /// /// </summary> /// <param name="tokenModel"></param> /// <param name="jwtTokenOptions"></param> /// <returns></returns> public static string JwtEncrypt(TokenModelJwt tokenModel, JWTTokenOptions jwtTokenOptions) { var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Jti, tokenModel.UserId.ToString()), //Jwt唯一标识Id new Claim(JwtRegisteredClaimNames.Iat, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"), //令牌签发时间 new Claim(JwtRegisteredClaimNames.Nbf, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"), //不早于的时间声明 new Claim(JwtRegisteredClaimNames.Exp, $"{new DateTimeOffset(DateTime.Now.AddSeconds(jwtTokenOptions.Expire)).ToUnixTimeSeconds()}"), //令牌过期时间 new Claim(ClaimTypes.Expiration, DateTime.Now.AddSeconds(jwtTokenOptions.Expire).ToString(CultureInfo.CurrentCulture)), //令牌截至时间 new Claim(JwtRegisteredClaimNames.Iss, jwtTokenOptions.Issuer), //发行人 new Claim(JwtRegisteredClaimNames.Aud, jwtTokenOptions.Audience), //订阅人 new Claim(ClaimTypes.Role, tokenModel.Level) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtTokenOptions.Secret)); var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var jwtToken = new JwtSecurityToken(claims: claims, signingCredentials: credentials); return(new JwtSecurityTokenHandler().WriteToken(jwtToken)); }
/// <summary> /// jwt解密 /// </summary> /// <param name="jwtStr"></param> /// <returns></returns> public static TokenModelJwt JwtDecrypt(string jwtStr) { if (string.IsNullOrEmpty(jwtStr) || string.IsNullOrWhiteSpace(jwtStr)) { return(new TokenModelJwt()); } jwtStr = jwtStr.Substring(7);//截取前面的Bearer和空格 var jwtHandler = new JwtSecurityTokenHandler(); JwtSecurityToken jwtToken = jwtHandler.ReadJwtToken(jwtStr); jwtToken.Payload.TryGetValue(ClaimTypes.Role, out object level); var model = new TokenModelJwt { UserId = int.Parse(jwtToken.Id), Level = level == null ? "" : level.ToString() }; return(model); }