[英]Get Claims, Permissions and Roles from JWT Token
我在我的 .NET 6 應用程序中實現了一個 /refresh-token 端點。 Controller 從標頭中獲取 JWT 令牌,對其進行解碼並發布新令牌。
角色和權限的 Itemvalue 類型是 Newtonsoft.Json.Linq.JArray。
我做得對還是有更好的解決方案?
var handler = new JwtSecurityTokenHandler();
var oldTokenDecoded = handler.ReadJwtToken(oldToken);
List<string> rolesDecoded = new List<string>();
List<string> permissionsDecoded = new List<string>();
string UsernameDecoded = "";
string UserIDDecoded = "";
foreach(var item in oldTokenDecoded.Payload)
{
if(item.Key == "role")
{
rolesDecoded = JsonConvert.DeserializeObject<List<string>>(item.Value.ToString());
}
if(item.Key == "permissions")
{
permissionsDecoded = JsonConvert.DeserializeObject<List<string>>(item.Value.ToString());
}
if(item.Key == "Username")
{
UsernameDecoded = item.Value.ToString();
}
if(item.Key == "UserID")
{
UserIDDecoded = item.Value.ToString();
}
}
var jwtToken = JWTBearer.CreateToken(
signingKey: "token",
expireAt: DateTime.UtcNow.AddDays(1),
claims: new[] { ("Username", UsernameDecoded), ("UserID", UserIDDecoded) },
roles: rolesDecoded,
permissions: permissionsDecoded);```
使用.Claims
遍歷聲明而不是您當前的方法:
List<string> roles = new List<string>();
List<string> permissions = new List<string>();
string username;
string userId;
foreach(var item in oldTokenDecoded.Claims)
{
switch (item.Type)
{
case "role":
roles.Add(item.Value);
break;
case "permission":
permissions.Add(item.Value);
break;
case "Username":
username = item.Value;
break;
case "UserID":
userId = item.Value;
break;
// etc
}
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.