public static void GetTokenConfig(IConfigurationSection section) { var symmetricKeyAsBase64 = section["Secret"]; var keyByteArray = Encoding.ASCII.GetBytes(symmetricKeyAsBase64); var signingKey = new SymmetricSecurityKey(keyByteArray); var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256); var tokenConfig = new TokenConfig { #region 初始化 TokenConfig Secret = section["Secret"], //密钥 Issuer = section["Issuer"], //发行者 Audience = section["Audience"], //令牌的观众 TokenType = section["TokenType"], //表示令牌类型,该值大小写不敏感,必选项,可以是bearer类型或mac类型。 Scope = section["Scope"], //表示权限范围,如果与客户端申请的范围一致,此项可省略 Subject = section["Subject"], //主题 ExpiresIn = Convert.ToInt32(section["ExpiresIn"]), //表示过期时间,单位为秒。如果省略该参数,必须其他方式设置过期时间。 ClientId = section["ClientId"], //表示客户端的ID,必选项 ResponseType = section["ResponseType"], //表示授权类型,必选项,此处的值固定为"code" RedirectUri = section["RedirectUri"], State = section["State"], //表示客户端的当前状态,可以指定任意值,认证服务器会原封不动地返回这个值。 SigningCredentials = signingCredentials #endregion }; _TokenConfig = tokenConfig; }
/// <summary> /// 获取配文件信息 /// </summary> /// <param name="app">IApplicationBuilder</param> /// <param name="configuration">IConfiguration</param> /// <param name="options">TokenConfig</param> /// <returns></returns> public static IApplicationBuilder GetAppsettingsJson(this IApplicationBuilder app, IConfiguration configuration, TokenConfig options) { if (app == null) { throw new ArgumentNullException(nameof(app)); } var audienceConfig = configuration.GetSection("TokenConfig"); var symmetricKeyAsBase64 = audienceConfig["Secret"]; var keyByteArray = Encoding.ASCII.GetBytes(symmetricKeyAsBase64); var signingKey = new SymmetricSecurityKey(keyByteArray); var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256); var tokenConfig = new TokenConfig { #region 初始化注入TokenConfig 到中间件 Secret = audienceConfig["Secret"], //密钥 Issuer = audienceConfig["Issuer"], //发行者 Audience = audienceConfig["Audience"], //令牌的观众 TokenType = audienceConfig["TokenType"], //表示令牌类型,该值大小写不敏感,必选项,可以是bearer类型或mac类型。 Scope = audienceConfig["Scope"], //表示权限范围,如果与客户端申请的范围一致,此项可省略 Subject = audienceConfig["Subject"], //主题 ExpiresIn = Convert.ToInt32(audienceConfig["ExpiresIn"]), //表示过期时间,单位为秒。如果省略该参数,必须其他方式设置过期时间。 ClientId = audienceConfig["ClientId"], //表示客户端的ID,必选项 ResponseType = audienceConfig["ResponseType"], //表示授权类型,必选项,此处的值固定为"code" RedirectUri = audienceConfig["RedirectUri"], State = audienceConfig["State"], //表示客户端的当前状态,可以指定任意值,认证服务器会原封不动地返回这个值。 SigningCredentials = signingCredentials #endregion }; return(app); }