如何从 JWT 令牌中获取不记名令牌(system.identitymodel.token.jwt.jwtsecuritytoken)
[英]how to get bearer token out of JWT token (system.identitymodel.token.jwt.jwtsecuritytoken)
问题描述
I have the following code:
我有以下代码:
public AuthToken Authenticate(Auth auth)
{
using (var ctx = CiderQuestionaireContext.Create())
{
try
{
var user = ctx.Users.SingleOrDefault(e => e.Email == auth.Email);
if (user == null) return null;
var token = generateJwtToken(user);
return new AuthToken
{
UserId = user.Id,
Token = token
};
}
catch (Exception e)
{
throw e;
}
}
}
which returns a hash that I send in to the following.它返回一个 hash,我将其发送到以下地址。 The string token param below is the return I get from my above call.下面的字符串标记参数是我从上面的调用中得到的返回值。
public JwtSecurityToken Validated(string token)
{//must return bearertoken
try
{
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
new JwtSecurityTokenHandler().ValidateToken(token, new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(key),
ValidateIssuer = false,
ValidateAudience = false,
// set clockskew to zero so tokens expire exactly at token expiration time (instead of 5 minutes later)
ClockSkew = TimeSpan.Zero
}, out SecurityToken validatedToken);
var jwtToken = (JwtSecurityToken)validatedToken;
var userId = int.Parse(jwtToken.Claims.First(x => x.Type == "id").Value);
var user = GetById(userId);
if (user == null)
return null;
else
return jwtToken;
}
catch(Exception e)
{
throw e;//new Exception(Resource.InvalidToken);
}
}
but I need a bearer token returned.但我需要返回一个不记名令牌。
What am I doing wrong?我究竟做错了什么? Or maybe it is returned and I don't realize.或者也许它被退回了,我没有意识到。 Also, then how do I use the "bearer token" throughout the application to keep other apis safe?另外,那么如何在整个应用程序中使用“承载令牌”来保证其他 API 的安全? Right now, I call the "Authorize" attribute at the top of every controller....现在,我在每个 controller 的顶部调用“授权”属性......
the return is:回报是:
{
"actor": null,
"audiences": [],
"claims": [
{
"issuer": "LOCAL AUTHORITY",
"originalIssuer": "LOCAL AUTHORITY",
"properties": {},
"subject": null,
"type": "id",
"value": "6",
"valueType": "http://www.w3.org/2001/XMLSchema#string"
},
{
"issuer": "LOCAL AUTHORITY",
"originalIssuer": "LOCAL AUTHORITY",
"properties": {},
"subject": null,
"type": "nbf",
"value": "1618714791",
"valueType": "http://www.w3.org/2001/XMLSchema#integer"
},
{
"issuer": "LOCAL AUTHORITY",
"originalIssuer": "LOCAL AUTHORITY",
"properties": {},
"subject": null,
"type": "exp",
"value": "1618721991",
"valueType": "http://www.w3.org/2001/XMLSchema#integer"
},
{
"issuer": "LOCAL AUTHORITY",
"originalIssuer": "LOCAL AUTHORITY",
"properties": {},
"subject": null,
"type": "iat",
"value": "1618714791",
"valueType": "http://www.w3.org/2001/XMLSchema#integer"
}
],
"encodedHeader": "eyJhbaaaaaaaaaaaaaaaaaaaaaaaaa6IkpXVCJ9",
"encodedPayload": "eyJpZCI6IjYiLCJuYaaaaaaaaaaaaaaaaMSwiaWF0IjoxNjE4NzE0NzkxfQ",
"header": {
"alg": "HS256",
"typ": "JWT"
},
"id": null,
"issuer": null,
"payload": {
"id": "6",
"nbf": 1618714791,
"exp": 1618721991,
"iat": 1618714791
},
"innerToken": null,
"rawAuthenticationTag": null,
"rawCiphertext": null,
"rawData": "eyJaaaaaaaaaaaaaaaaaaaaaadt0L5_f8BR5UCPuKXk",
"rawEncryptedKey": null,
"rawInitializationVector": null,
"rawHeader": "eyaaaaaaaaaaaaaaapXVCJ9",
"rawPayload": "eyaaaaaaaaaaaaaaaI6MTYxODcyMTk5MSwiaWF0IjoxNjE4NzE0NzkxfQ",
"rawSignature": "aaaaaaaaaaaaaaApoYZZaG7Lk5dt0L5_f8BR5UCPuKXk",
"securityKey": null,
"signatureAlgorithm": "HS256",
"signingCredentials": null,
"encryptingCredentials": null,
"signingKey": {
"keySize": 512,
"keyId": null,
"cryptoProviderFactory": {
"cryptoProviderCache": {},
"customCryptoProvider": null,
"cacheSignatureProviders": true
}
},
"subject": null,
"validFrom": "2021-04-18T02:59:51Z",
"validTo": "2021-04-18T04:59:51Z",
"issuedAt": "2021-04-18T02:59:51Z"
}
1 个解决方案
解决方案1
1 2021-04-18 10:12:28
To use JWT Bearer Token as Authenticated method for ASP.NET Core first of all you need to configure your JWT Bearer as Authentication method in Startup.cs.要使用 JWT Bearer Token 作为 ASP.NET Core 的身份验证方法,首先您需要在 Startup.cs 中配置 JWT Bearer 作为身份验证方法。
Inside ConfigureService内部配置服务
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(options =>
{
options.SaveToken = true;
options.RequireHttpsMetadata = false;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidIssuer = Configuration.GetSection("Issuer").Value,//getting from appsettings.json
ValidAudience = Configuration.GetSection("Audience").Value,//getting from appsettings.json
ValidateLifetime = true,
ClockSkew = TimeSpan.Zero,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration.GetSection("SecretKey").Value))
};
});
Then inside Configure method然后在 Configure 方法里面
app.UseAuthentication();
app.UseAuthorization();
To generate a token生成令牌
public string GetToken(IConfiguration configuration, ApplicationUser userModel)
{
_ = int.TryParse(configuration.GetSection("UserTokenExpireDays").Value, out var expireDays);
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(ClaimTypes.Email, userModel.Email),
new Claim(ClaimTypes.Name, userModel.UserName),
new Claim(ClaimTypes.NameIdentifier, userModel.Id),
new Claim(ClaimTypes.Country, userModel.CountryCode),//if any
new Claim(ClaimTypes.Locality, userModel.Country.ToString()),//if any
// Add more claims you if you need.
};
return CreateToken(configuration, expireDays, claims);
}
private static string CreateToken(IConfiguration configuration, int expireDays, Claim[] claims)
{
var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration.GetSection("SecretKey").Value));
var token = new JwtSecurityToken
(
issuer: configuration.GetSection("Issuer").Value,
audience: configuration.GetSection("Audience").Value,
expires: DateTime.UtcNow.AddMonths(1),
claims: claims,
signingCredentials: new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256)
);
return new JwtSecurityTokenHandler().WriteToken(token);
}
Now you can get a JWT Bearer Token to secure your Controller Action methods, the Token you get you need to add it in every call header like below.现在您可以获得一个 JWT 承载令牌来保护您的 Controller 操作方法,您获得的令牌需要在每次调用 header 中添加它,如下所示。
const request = req.clone({ //req is an Angular HttpRequest
setHeaders: {
Authorization: `Bearer ${the_token}`
}
});
Now you have a fully working JWT Bearer Authentication in your ASP.NET Core app.现在,您在 ASP.NET 核心应用程序中拥有了一个完全工作的 JWT 承载身份验证。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
如何使用IdentityModel Extensions for .NET 5生成JWT令牌 - How to generate JWT Token with IdentityModel Extensions for .NET 5
使用 System.IdentityModel.Tokens.Jwt 验证在 C# 中生成的令牌 - Verify Token generated in C# with System.IdentityModel.Tokens.Jwt
将System.IdentityModel.Tokens.Jwt 4.0.2更新为5.4令牌问题 - Update System.IdentityModel.Tokens.Jwt 4.0.2 to 5.4 Token Issues
如何通过使用JWT Bearer令牌获取用户声明 - How to get user claims by using JWT Bearer token
带有 JWT Bearer 令牌的身份验证 Swagger - Authentication Swagger with JWT Bearer token
Azure AD Jwt Bearer令牌 - Azure AD Jwt Bearer token
在 Angular 中设置不记名 JWT 令牌 - Setting a bearer JWT token in Angular
如何使用 System.IdentityModel.Tokens.Jwt package 提取令牌过期时间 - How to extract the token expiration time with the System.IdentityModel.Tokens.Jwt package
使用ASP.NET 5中的System.IdentityModel.Tokens.Jwt编码JWT令牌 - Encoding JWT Token Using System.IdentityModel.Tokens.Jwt in ASP.NET 5
无法读取使用 System.IdentityModel.Tokens.Jwt 生成的 JWT 令牌 - Unable to read JWT token generated using System.IdentityModel.Tokens.Jwt
相关标签