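This article only briefly covers how to use tokens in a project with System.IdentityModel.Tokens.Jwt.dll, which ships with ASP.NET Core.
What I cover here is very basic, just two points:
First, the timeout (expiry time)
Second, loading the data
1, Without further ado, here is the code. First, the custom payload class: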
    public class DtoRecLogin
    {
        public string Data1 { get; set; }
        public string Data2 { get; set; }
        public string Data3 { get; set; }
    }
2, Next, the signing information used to generate the token
    using System;
    using Microsoft.IdentityModel.Tokens;

    public class TokenAuthOption
    {
        public static string Audience { get; } = "ExampleAudience";
        public static string Issuer { get; } = "ExampleIssuer";
        // RSAKeyHelper is a helper class whose code is not shown in this article
        public static RsaSecurityKey Key { get; } = new RsaSecurityKey(RSAKeyHelper.GenerateKey());
        public static SigningCredentials SigningCredentials { get; } = new SigningCredentials(Key, SecurityAlgorithms.RsaSha256Signature);
        public static TimeSpan ExpiresSpan { get; } = TimeSpan.FromMinutes(1440);
    }
3, With the preparation done, here is the code that generates the token
    // Required usings (at the top of the file):
    // using System;
    // using System.IdentityModel.Tokens.Jwt;
    // using System.Security.Claims;
    // using System.Security.Principal;
    // using Microsoft.IdentityModel.Tokens;

    private static string GenerateToken(DtoRecLogin reclogin, DateTime expires)
    {
        var handler = new JwtSecurityTokenHandler();

        // Data1 becomes the identity name (written to the token as "unique_name");
        // Data2 and Data3 are carried as the custom claims "ID" and "SysCode"
        ClaimsIdentity identity = new ClaimsIdentity(
            new GenericIdentity(reclogin.Data1, "TokenAuth"),
            new[] {
                new Claim("ID", reclogin.Data2),
                new Claim("SysCode", reclogin.Data3)
            }
        );

        var securityToken = handler.CreateToken(new SecurityTokenDescriptor
        {
            Issuer = TokenAuthOption.Issuer,
            Audience = TokenAuthOption.Audience,
            SigningCredentials = TokenAuthOption.SigningCredentials,
            Subject = identity,
            Expires = expires
        });
        return handler.WriteToken(securityToken);
    }
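This method takes 2 parameters:
1) The DtoRecLogin object, which carries the information to be passed
2) expires, the token's expiry time
4, Now that the token can be generated, let's simulate calling it and parsing the token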
    // Also requires: using System.Linq;
    public static void Main(string[] args)
    {
        #region Generate the token
        var timeout = DateTime.Now + TimeSpan.FromSeconds(5);
        var token = GenerateToken(new DtoRecLogin()
        {
            Data1 = "TestData1",
            Data2 = "TestData2",
            Data3 = "TestData3"
        }, timeout);
        #endregion

        #region Parse the token
        // Current timestamp, used to decide whether the token has expired
        var now = Math.Round((DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalSeconds);
        // Note: ReadJwtToken only decodes the token; it does not verify the signature
        var encodedJwt = new JwtSecurityTokenHandler().ReadJwtToken(token);
        // Start time (issued at)
        var iat = Convert.ToDouble(encodedJwt.Claims.FirstOrDefault(u => u.Type == "iat").Value);
        // End time (expiry)
        var exp = Convert.ToDouble(encodedJwt.Claims.FirstOrDefault(u => u.Type == "exp").Value);
        // If the current timestamp is outside the token's lifetime, report the token as expired.
        // iat <= now (not iat < now): a token parsed in the same second it was issued is still valid.
        if (!(iat <= now && now < exp))
        {
            throw (new Exception() { Source = "TokenTimeOut" });
        }
        var data1 = encodedJwt.Claims.FirstOrDefault(u => u.Type == "unique_name").Value;
        var data2 = encodedJwt.Claims.FirstOrDefault(u => u.Type == "ID").Value;
        var data3 = encodedJwt.Claims.FirstOrDefault(u => u.Type == "SysCode").Value;
        #endregion
    }
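The comments are detailed, so I won't say much more. To make testing easy I used a 5-second timeout. When debugging, you can set a breakpoint on

    var now = Math.Round((DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalSeconds);

then step straight past it on one run, and on another run wait more than 5 seconds before continuing. You will see that once more than 5 seconds have passed, the token-expired exception is thrown.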
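ReadJwtToken in step 4 only decodes the token, so the claims it returns have not been checked against the signing key. The following is an added example, not code from the original article, that reads the same three values through ValidateToken so the signature, issuer, audience and expiry are all enforced; it reuses the article's TokenAuthOption, and the names TokenCheck, ValidateAndRead and ReadData are assumptions.

```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using Microsoft.IdentityModel.Tokens;

// Hypothetical helper; the class and method names are assumptions, not from the article.
public static class TokenCheck
{
    // Returns the validated principal, or throws if signature, issuer, audience or lifetime fails.
    public static ClaimsPrincipal ValidateAndRead(string token)
    {
        var parameters = new TokenValidationParameters
        {
            // Reject unsigned tokens and verify against the key from TokenAuthOption.
            RequireSignedTokens = true,
            IssuerSigningKey = TokenAuthOption.Key,
            ValidateIssuer = true,
            ValidIssuer = TokenAuthOption.Issuer,
            ValidateAudience = true,
            ValidAudience = TokenAuthOption.Audience,
            // Enforce nbf/exp; the default 5-minute ClockSkew would mask the 5-second test timeout.
            ValidateLifetime = true,
            RequireExpirationTime = true,
            ClockSkew = TimeSpan.Zero
        };
        var handler = new JwtSecurityTokenHandler();
        // Keep the short claim names ("unique_name", "ID", "SysCode") instead of ClaimTypes URIs.
        handler.InboundClaimTypeMap.Clear();
        try
        {
            return handler.ValidateToken(token, parameters, out SecurityToken _);
        }
        catch (SecurityTokenExpiredException)
        {
            // Same signal the article's Main method uses for an expired token.
            throw new Exception("Token expired") { Source = "TokenTimeOut" };
        }
    }

    // Reads the three values carried by the token, only after validation succeeds.
    public static (string Data1, string Data2, string Data3) ReadData(string token)
    {
        ClaimsPrincipal principal = ValidateAndRead(token);
        return (principal.FindFirst("unique_name")?.Value,
                principal.FindFirst("ID")?.Value,
                principal.FindFirst("SysCode")?.Value);
    }
}
```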
That's all. I hope this helps those who are just getting started with token validation.
ASP.NET Core security validation with JWT
Original article: https://www.cnblogs.com/liuqi-chu/p/10374586.html