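JWT has become a common scheme for cross-platform authentication; if you are not familiar with it, see https://jwt.io/.
To integrate cleanly with Microsoft's other authentication modules, the project uses the JWT component developed by Microsoft: System.IdentityModel.Tokens.Jwt. Install it first: Install-Package System.IdentityModel.Tokens.Jwt.
Add the following in the config method: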
```csharp
if (!HostingEnvironment.IsEnvironment("test"))
{
    app.UseJwtBearerAuthentication(Jwt.GetJwtOptions());
}
```
Implement a JWT utility class:
```csharp
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
using AutoMapper;
using Microsoft.AspNet.Hosting;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Http.Extensions;
using Microsoft.Extensions.Configuration;
using Microsoft.IdentityModel.Tokens;
using NDaisy.Core.ServiceLocator;
using WebApiCore.Core.Utility.Extension;
using IHostingEnvironment = Microsoft.AspNetCore.Hosting.IHostingEnvironment;

namespace WebApiCore.Utility
{
    public class Jwt
    {
        private static SecurityKey _signKey;
        private static IConfigurationSection _config;
        private const string Issue = "webcore";

        static Jwt()
        {
            // The HMAC signing key is read from the "Salt" value of the "Jwt" configuration section.
            // Encoding.ASCII maps every non-ASCII character to '?', so the secret should be ASCII-only.
            _config = ServiceLocator.Current.GetInstance<IConfigurationRoot>().GetSection("Jwt");
            var keyAsBytes = Encoding.ASCII.GetBytes(_config.GetValue<string>("Salt"));
            _signKey = new SymmetricSecurityKey(keyAsBytes);
        }

        // Options for the JWT bearer middleware: check the signature, the issuer and the lifetime.
        public static JwtBearerOptions GetJwtOptions()
        {
            return new JwtBearerOptions
            {
                TokenValidationParameters =
                {
                    ValidIssuer = Issue,
                    IssuerSigningKey = _signKey,
                    ValidateLifetime = true,
                    ValidateIssuer = true,
                    ValidateAudience = false
                },
                Events = new JwtBearerEvents()
                {
                    OnAuthenticationFailed = c =>
                    {
                        return Task.Run(() =>
                        {
                            // Log the request URL and the validation error in development only.
                            if (ServiceLocator.Current.GetInstance<IHostingEnvironment>().IsDevelopment())
                            {
                                c.Request.GetDisplayUrl().LogInfo();
                                c.Exception.LogError();
                            }
                        });
                    }
                }
            };
        }

        // Issues an HS256-signed token that expires "SlideTime" seconds from now.
        public static string SignToken(IList<Claim> claims)
        {
            var seconds = _config.GetValue<int>("SlideTime");

            JwtSecurityToken jwtSecurityToken = new JwtSecurityToken(
                issuer: Issue,
                claims: claims,
                expires: DateTime.UtcNow.AddSeconds(seconds),
                signingCredentials: new SigningCredentials(_signKey, SecurityAlgorithms.HmacSha256));

            return new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken);
        }
    }
}
```
Add an entry point for obtaining a token; in a real project this belongs in the login and authorization flow:
```csharp
// Test-only endpoint: it issues a token to any caller without checking credentials.
app.Map("/auth/test", appbuilder =>
{
    appbuilder.Run(d =>
    {
        var token = Jwt.SignToken(new List<Claim>() { new Claim("name", "ryan") });

        return d.Response.WriteAsync(token);
    });
});
```
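The following added example (not code from the original post) passes the same TokenValidationParameters directly to JwtSecurityTokenHandler to show which tokens this configuration accepts: a token signed with a different key is rejected, while a token that expired 30 seconds ago still passes until ClockSkew is lowered from its 5-minute default, which matters when SlideTime is short. The class name JwtValidationDemo, both keys and the lifetimes are constructed for the demo.

```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;

public static class JwtValidationDemo // hypothetical name, not part of the project
{
    // Constructed sample key; a real key comes from protected configuration.
    private static readonly SecurityKey Key =
        new SymmetricSecurityKey(Encoding.ASCII.GetBytes("constructed-demo-key-0123456789abcdef"));

    // Same shape as Jwt.SignToken, with the key and lifetime passed in.
    private static string Sign(SecurityKey key, int lifetimeSeconds)
    {
        var token = new JwtSecurityToken(
            issuer: "webcore",
            claims: new[] { new Claim("name", "ryan") },
            expires: DateTime.UtcNow.AddSeconds(lifetimeSeconds),
            signingCredentials: new SigningCredentials(key, SecurityAlgorithms.HmacSha256));
        return new JwtSecurityTokenHandler().WriteToken(token);
    }

    // Returns "accepted", or the type of the exception that rejected the token.
    private static string Check(string token, TimeSpan clockSkew)
    {
        var parameters = new TokenValidationParameters
        {
            ValidIssuer = "webcore",
            IssuerSigningKey = Key,
            ValidateIssuer = true, ValidateLifetime = true, ValidateAudience = false,
            ClockSkew = clockSkew // tolerance applied to the exp check
        };
        try
        {
            new JwtSecurityTokenHandler().ValidateToken(token, parameters, out SecurityToken _);
            return "accepted";
        }
        catch (SecurityTokenException e) { return "rejected: " + e.GetType().Name; }
    }

    public static void Main()
    {
        var otherKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes("another-constructed-key-0123456789abcdef"));
        Console.WriteLine(Check(Sign(Key, 60), TimeSpan.FromMinutes(5)));      // valid token
        Console.WriteLine(Check(Sign(otherKey, 60), TimeSpan.FromMinutes(5))); // signed with another key
        Console.WriteLine(Check(Sign(Key, -30), TimeSpan.FromMinutes(5)));     // expired 30 s ago, default skew
        Console.WriteLine(Check(Sign(Key, -30), TimeSpan.Zero));               // expired 30 s ago, no skew
    }
}
```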