.NetCore开发Jwt认证实现JwtUtil

using Infrastructure;

using Infrastructure.Extensions;

using Model;

using WMS.WebApi.Extensions;

using Microsoft.IdentityModel.Tokens;

using Newtonsoft.Json;

using System.IdentityModel.Tokens.Jwt;

using System.Security.Claims;

using System.Text;

namespace WMS.WebApi.Util

{

public class JwtUtil

{

/// <summary>

/// 获取用户身份信息

/// </summary>

/// <param name="httpContext"></param>

/// <returns></returns>

public static TokenModel GetLoginUser(HttpContext httpContext)

{

string token = httpContext.GetToken();

if (!string.IsNullOrEmpty(token))

{

return ValidateJwtToken(ParseToken(token));

}

return null;

}

/// <summary>

/// 生成token

/// </summary>

/// <param name="claims"></param>

/// <returns></returns>

public static string GenerateJwtToken(List<Claim> claims)

{

JwtSettings jwtSettings = new();

AppSettings.Bind("JwtSettings", jwtSettings);

var authTime = DateTime.Now;

var expiresAt = authTime.AddMinutes(jwtSettings.Expire);

var tokenHandler = new JwtSecurityTokenHandler();

var key = Encoding.ASCII.GetBytes(jwtSettings.SecretKey);

claims.Add(new Claim("Audience", jwtSettings.Audience));

claims.Add(new Claim("Issuer", jwtSettings.Issuer));

var tokenDescriptor = new SecurityTokenDescriptor

{

Subject = new ClaimsIdentity(claims),

Issuer = jwtSettings.Issuer,

Audience = jwtSettings.Audience,

IssuedAt = authTime,//token生成时间

Expires = expiresAt,

//NotBefore = authTime,

TokenType = jwtSettings.TokenType,

//对称秘钥,签名证书

SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)

};

var token = tokenHandler.CreateToken(tokenDescriptor);

return tokenHandler.WriteToken(token);

}

/// <summary>

/// 验证Token

/// </summary>

/// <returns></returns>

public static TokenValidationParameters ValidParameters()

{

JwtSettings jwtSettings = new();

AppSettings.Bind("JwtSettings", jwtSettings);

if (jwtSettings == null || jwtSettings.SecretKey.IsEmpty())

{

throw new Exception("JwtSettings获取失败");

}

var key = Encoding.ASCII.GetBytes(jwtSettings.SecretKey);

var tokenDescriptor = new TokenValidationParameters

{

ValidateIssuerSigningKey = true,

ValidateIssuer = true,

ValidateAudience = true,

ValidIssuer = jwtSettings.Issuer,

ValidAudience = jwtSettings.Audience,

IssuerSigningKey = new SymmetricSecurityKey(key),

ValidateLifetime = true,//是否验证Token有效期,使用当前时间与Token的Claims中的NotBefore和Expires对比

ClockSkew = TimeSpan.FromSeconds(30)

//RequireExpirationTime = true,//过期时间

};

return tokenDescriptor;

}

/// <summary>

/// 从令牌中获取数据声明

/// </summary>

/// <param name="token">令牌</param>

/// <returns></returns>

public static JwtSecurityToken? ParseToken(string token)

{

var tokenHandler = new JwtSecurityTokenHandler();

var validateParameter = ValidParameters();

token = token.Replace("Bearer ", "");

try

{

tokenHandler.ValidateToken(token, validateParameter, out SecurityToken validatedToken);

return tokenHandler.ReadJwtToken(token);

}

catch (Exception ex)

{

Console.WriteLine(ex.Message);

// return null if validation fails

return null;

}

}

/// <summary>

/// jwt token校验

/// </summary>

/// <param name="jwtSecurityToken"></param>

/// <returns></returns>

public static TokenModel? ValidateJwtToken(JwtSecurityToken jwtSecurityToken)

{

try

{

if (jwtSecurityToken == null) return null;

IEnumerable<Claim> claims = jwtSecurityToken?.Claims;

TokenModel loginUser = null;

var userData = claims.FirstOrDefault(x => x.Type == ClaimTypes.UserData)?.Value;

if (userData != null)

{

loginUser = JsonConvert.DeserializeObject<TokenModel>(userData);

loginUser.ExpireTime = jwtSecurityToken.ValidTo;

}

return loginUser;

}

catch (Exception ex)

{

Console.WriteLine(ex.Message);

return null;

}

}

/// <summary>

///组装Claims

/// </summary>

/// <param name="user"></param>

/// <returns></returns>

public static List<Claim> AddClaims(TokenModel user)

{

var claims = new List<Claim>()

{

new Claim(ClaimTypes.PrimarySid, user.UserId.ToString()),

new Claim(ClaimTypes.Name, user.UserName),

new Claim(ClaimTypes.UserData, JsonConvert.SerializeObject(user))

};

return claims;

}

}

}

相关推荐
公子小六4 天前
ASP.NET Core WebApi+React UI开发入门详解
react.js·ui·c#·asp.net·.netcore
工藤新一OL4 天前
.netCore的winform程序如何调用webapi
c#·.net·.netcore·visual studio
江沉晚呤时5 天前
深入解析 C# 开闭原则(OCP):设计可扩展的系统
数据库·c#·系统安全·.netcore
江沉晚呤时7 天前
深入解析外观模式(Facade Pattern)及其应用 C#
java·数据库·windows·后端·microsoft·c#·.netcore
江沉晚呤时7 天前
深入解析代理模式(Proxy Pattern):设计与应用
安全·c#·系统安全·.netcore
小吴同学·9 天前
NET6 WebApi第5讲:中间件(源码理解,俄罗斯套娃怎么来的?);Web 服务器 (Nginx / IIS / Kestrel)、WSL、SSL/TSL
中间件·c#·.net·.netcore·.net core
江沉晚呤时9 天前
深入解析组合模式(Composite Pattern):概念、结构与应用
java·开发语言·后端·c#·.netcore
江沉晚呤时10 天前
精益架构设计:深入理解与实践 C# 中的单一职责原则
java·jvm·算法·log4j·.netcore·net
世界太过浮夸11 天前
.net core集成MQTT服务端
.netcore
weixin_4219947811 天前
用 .net Core 实现简单的缓存,在小型单体项目中替代Redis
缓存·.netcore