[英]Configure JWT Bearer token validation using the public security key in .NET Core
[英]How to validate JWT Token using JWKS in Dot Net Core
在 C# 中,我需要針對 JWKS 驗證承載令牌(Json object 代表如下所示的一組密鑰)
{
"keys":[
{
"e":"AQAB",
"kid":"unique key",
"kty":"RSA",
"n":"some value"
}
]
}
您可以使用 Microsoft 的 Nuget 包Microsoft.IdentityModel.Tokens
和System.IdentityModel.Tokens.Jwt
執行此操作
使用以下代碼創建令牌驗證器:
private static bool ValidateToken(string token, TokenValidationParameters validationParameters)
{
var tokenHandler = new JwtSecurityTokenHandler();
try
{
tokenHandler.ValidateToken(token, validationParameters, out var validatedToken);
return validatedToken != null;
}
catch (Exception)
{
return false;
}
}
對於使用,您必須加載 JWKS 和 select 驗證參數的密鑰:
var jwksJson = @"
{
""keys"":[
{
""e"":""AQAB"",
""kid"":""unique key"",
""kty"":""RSA"",
""n"":""some value""
}
]
}";
var token = "eyJhb...";
var jwks = new JsonWebKeySet(jwksJson);
var jwk = jwks.Keys.First();
var validationParameters = new TokenValidationParameters
{
IssuerSigningKey = jwk,
ValidAudience = "", // Your API Audience, can be disabled via ValidateAudience = false
ValidIssuer = "" // Your token issuer, can be disabled via ValidateIssuer = false
};
var isValid = ValidateToken(token, validationParameters);
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.