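/// <summary>
/// Authenticates the bearer token carried by <paramref name="request"/> and, on success, installs the
/// validated principal on <see cref="Thread.CurrentPrincipal"/> and <c>HttpContext.Current.User</c>.
/// </summary>
/// <param name="request">The incoming request; the token is extracted by <c>JWTTokenHandler.tryRetrieveToken</c>.</param>
/// <returns>
/// <see cref="HttpStatusCode.OK"/> when the token validates;
/// <see cref="HttpStatusCode.Unauthorized"/> when no token is present or the presented token is rejected
/// (bad signature, wrong audience/issuer, expired, unparseable);
/// <see cref="HttpStatusCode.InternalServerError"/> for any other failure (e.g. the federation metadata
/// endpoint cannot be reached or configuration is missing).
/// </returns>
public HttpStatusCode ValidatePrincipal(HttpRequest request)
{
    string token;
    if (!JWTTokenHandler.tryRetrieveToken(request, out token))
    {
        // No credential presented at all.
        return HttpStatusCode.Unauthorized;
    }

    try
    {
        // Resolve settings lazily from configuration, mirroring ValidateToken(JwtSecurityToken), so this
        // entry point validates against the configured audience/issuer regardless of which path runs first.
        if (string.IsNullOrEmpty(allowedAudience))
        {
            allowedAudience = ConfigurationManager.GetSetting("AllowedAudience");
        }
        if (string.IsNullOrEmpty(tenant))
        {
            tenant = ConfigurationManager.GetSetting("Tenant");
        }
        if (string.IsNullOrEmpty(federationMetadataEndpoint))
        {
            federationMetadataEndpoint = ConfigurationManager.GetSetting("FedMetadataEndpoint");
        }

        JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();

        // The signing certificate is fetched from the tenant's FederationMetadata document on every call.
        // NOTE(review): signingCertificate() is presumably cached upstream; if not, every request costs a
        // metadata round-trip and an outage of that endpoint turns into a 500 here -- confirm.
        TokenValidationParameters parameters = new TokenValidationParameters()
        {
            AllowedAudience = allowedAudience,
            ValidIssuer = tenant,
            SigningToken = new X509SecurityToken(new X509Certificate2(JWTTokenHandler.signingCertificate(federationMetadataEndpoint)))
        };

        // ValidateToken throws on any failure; only a successfully validated principal ever reaches the
        // current thread / request.
        HttpContext.Current.User = Thread.CurrentPrincipal = tokenHandler.ValidateToken(token, parameters);
        return HttpStatusCode.OK;
    }
    catch (SecurityTokenException)
    {
        // Base of SecurityTokenValidationException and its subclasses (expired, bad signature, unknown
        // signing key, ...): the caller presented a credential that is not acceptable, so answer 401
        // rather than leaking the distinction via a 500.
        return HttpStatusCode.Unauthorized;
    }
    catch (Exception)
    {
        // Anything else -- metadata endpoint unreachable, missing configuration -- is a server-side problem.
        return HttpStatusCode.InternalServerError;
    }
}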
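// I don't know exactly what's up here other than the standard for which claim is the 'name' changed at some point.
//protected override string NameIdentifierClaimType(JWTSecurityToken jwt) { return ClaimTypes.GivenName; }
//protected override string NameIdentifierClaimType(JwtSecurityToken jwt) { return ClaimTypes.Name; }

// public override ClaimsPrincipal ValidateToken(JwtSecurityToken jwt, TokenValidationParameters validationParameters) {
/// <summary>
/// Validates an already-parsed JWT against this tenant's audience, issuer and federation-metadata signing
/// certificate and returns the resulting principal with the raw token text attached as a claim.
/// </summary>
/// <param name="jwt">The parsed token to validate.</param>
/// <returns>
/// The <see cref="ClaimsPrincipal"/> produced by the base handler. When its identity is a
/// <see cref="ClaimsIdentity"/>, a claim of type <c>"raw"</c> holding <c>jwt.RawData</c> is added to it;
/// otherwise the principal is returned unchanged.
/// </returns>
/// <exception cref="SecurityTokenValidationException">Propagated from the base handler when the token fails validation.</exception>
public override ClaimsPrincipal ValidateToken(JwtSecurityToken jwt)
{
    // Settings are resolved on first use and cached in the instance fields. The assignments are
    // idempotent, so a race between concurrent first calls is harmless.
    if (string.IsNullOrEmpty(allowedAudience))
    {
        allowedAudience = ConfigurationManager.GetSetting("AllowedAudience");
    }
    if (string.IsNullOrEmpty(tenant))
    {
        tenant = ConfigurationManager.GetSetting("Tenant");
    }
    if (string.IsNullOrEmpty(federationMetadataEndpoint))
    {
        federationMetadataEndpoint = ConfigurationManager.GetSetting("FedMetadataEndpoint");
    }

    // Signing certificate comes from the tenant's FederationMetadata document; the base handler rejects
    // anything not signed by it or not matching the configured audience/issuer.
    TokenValidationParameters validationParameters = new TokenValidationParameters()
    {
        AllowedAudience = allowedAudience,
        ValidIssuer = tenant,
        SigningToken = new X509SecurityToken(new X509Certificate2(JWTTokenHandler.signingCertificate(federationMetadataEndpoint)))
    };

    ClaimsPrincipal cp = base.ValidateToken(jwt, validationParameters);

    // Make the raw token available to the web page, which in turn hands it to JavaScript for subsequent
    // AJAX calls. This puts the bearer credential itself within reach of page script, so the page must
    // treat it like any other secret (keep it out of URLs and logs). The claim is a convenience, not part
    // of validation, so an identity that cannot carry claims simply does not get it.
    ClaimsIdentity identity = cp.Identity as ClaimsIdentity;
    if (identity != null)
    {
        identity.AddClaim(new Claim("raw", jwt.RawData));
    }
    return cp;
}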