Get Claims, Permissions and Roles from JWT Token

I am implementing a /refresh-token endpoint in my .NET 6 application. The Controller takes the JWT Token from the headers, decodes it and issues a new token.

The type of Itemvalue for role and permissions is Newtonsoft.Json.Linq.JArray.

Am I doing it properly, or is there a better solution?

```csharp
// ReadJwtToken only parses the token; it does not validate the signature.
var handler = new JwtSecurityTokenHandler();
var oldTokenDecoded = handler.ReadJwtToken(oldToken);

List<string> rolesDecoded = new List<string>();
List<string> permissionsDecoded = new List<string>();
string UsernameDecoded = "";
string UserIDDecoded = "";

// Walk the raw payload; array-valued entries arrive as JArray and are re-parsed from JSON.
foreach (var item in oldTokenDecoded.Payload)
{
    if (item.Key == "role")
    {
        rolesDecoded = JsonConvert.DeserializeObject<List<string>>(item.Value.ToString());
    }

    if (item.Key == "permissions")
    {
        permissionsDecoded = JsonConvert.DeserializeObject<List<string>>(item.Value.ToString());
    }

    if (item.Key == "Username")
    {
        UsernameDecoded = item.Value.ToString();
    }

    if (item.Key == "UserID")
    {
        UserIDDecoded = item.Value.ToString();
    }
}

// Issue the replacement token with the values copied from the old one.
var jwtToken = JWTBearer.CreateToken(
        signingKey: "token",
        expireAt: DateTime.UtcNow.AddDays(1),
        claims: new[] { ("Username", UsernameDecoded), ("UserID", UserIDDecoded) },
        roles: rolesDecoded,
        permissions: permissionsDecoded);
```

Use `.Claims` to iterate through claims instead of your current approach:

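```csharp
List<string> roles = new List<string>();
List<string> permissions = new List<string>();
// Initialized so they can be read after the loop without a CS0165 (unassigned local) error.
string username = "";
string userId = "";

// .Claims flattens array-valued payload entries into one claim per element.
foreach (var item in oldTokenDecoded.Claims)
{
    switch (item.Type)
    {
        case "role":
            roles.Add(item.Value);
            break;
        case "permissions": // same key the question's token payload uses
            permissions.Add(item.Value);
            break;
        case "Username":
            username = item.Value;
            break;
        case "UserID":
            userId = item.Value;
            break;
        // etc
    }
}
```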
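
Both snippets above read the old token with `ReadJwtToken`, which decodes the payload without checking the signature. The following added example (not part of the original question or answer) validates the token with `ValidateToken` before reading `.Claims`, so a refresh endpoint only copies roles and permissions from a token it signed itself. It assumes the `System.IdentityModel.Tokens.Jwt` package; the keys, issuer, audience, claim values and the helper names `Issue` and `ValidatedClaims` are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Security.Cryptography;
using Microsoft.IdentityModel.Tokens;

// Constructed sample keys; a real service loads its signing key from a secret store.
var serverKey = new SymmetricSecurityKey(RandomNumberGenerator.GetBytes(32));
var foreignKey = new SymmetricSecurityKey(RandomNumberGenerator.GetBytes(32));
var handler = new JwtSecurityTokenHandler();

// Hypothetical demo helper: issues a short-lived HS256 token carrying the given role.
string Issue(SecurityKey key, string role) => handler.WriteToken(new JwtSecurityToken(
    issuer: "example-issuer", audience: "example-api",
    claims: new[] { new Claim("role", role), new Claim("permissions", "read"),
                    new Claim("Username", "alice"), new Claim("UserID", "42") },
    expires: DateTime.UtcNow.AddMinutes(5),
    signingCredentials: new SigningCredentials(key, SecurityAlgorithms.HmacSha256)));

var validation = new TokenValidationParameters
{
    ValidateIssuerSigningKey = true,
    IssuerSigningKey = serverKey,
    ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha256 },
    ValidIssuer = "example-issuer",
    ValidAudience = "example-api",
};

// Returns the token's claims only when signature, issuer, audience and lifetime check out.
List<Claim>? ValidatedClaims(string token)
{
    try
    {
        handler.ValidateToken(token, validation, out SecurityToken validated);
        return ((JwtSecurityToken)validated).Claims.ToList(); // unmapped types: "role", "permissions", ...
    }
    catch (Exception ex) when (ex is SecurityTokenException or ArgumentException) { return null; }
}

var samples = new[] { ("signed by server", Issue(serverKey, "user")), ("signed by another key", Issue(foreignKey, "admin")) };
foreach (var (label, token) in samples)
{
    var parsed = handler.ReadJwtToken(token).Claims.Where(c => c.Type == "role").Select(c => c.Value);
    var trusted = ValidatedClaims(token)?.Where(c => c.Type == "role").Select(c => c.Value);
    Console.WriteLine($"{label}: ReadJwtToken roles=[{string.Join(",", parsed)}], " +
        (trusted is null ? "ValidateToken rejected the token" : $"validated roles=[{string.Join(",", trusted)}]"));
}
```

Reading the claims from the validated `JwtSecurityToken` keeps the short claim types (`role`, `permissions`) used in the answer's `switch`, whereas the `ClaimsPrincipal` returned by `ValidateToken` may carry mapped claim type URIs.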
