如何解决.NET Core-JWT-解密令牌? Claims.First返回“序列不包含匹配元素”
我将我的jwt令牌作为承载头发送,以便它得到验证
我认为最好的选择是中间件过滤器
但是如何解密令牌?
tokenS.Claims.First返回“序列不包含匹配元素”
public async void OnAuthorization(AuthorizationFilterContext context)
{
var req = context.HttpContext.Request;
//---------------------------------------- jwt
var stream = req.Headers[HeaderNames.Authorization];
var tokenHandler = new JwtSecurityTokenHandler();
var bearer = stream[0].Split(" ");
var jsonToken = tokenHandler.ReadToken(bearer[1]);
var tokenS = tokenHandler.ReadToken(stream) as JwtSecurityToken;
var jti = tokenS.Claims.First(claim => claim.Type == ClaimTypes.Name);
这是我在用户验证身份时对令牌进行加密的方式
// authentication successful so generate jwt token
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(settings.JwtSecret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name,user.Id.ToString())
}),Expires = DateTime.UtcNow.AddDays(7),SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key),SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.Createtoken(tokenDescriptor);
感谢您对此的帮助
解决方法
根据您的描述,我发现您的jwt令牌生成方法中没有发行者或受众,我建议您尝试使用下面的JWT生成代码,然后它会很好地工作。
加密方法:
public static string GetToken2() {
var key = Encoding.ASCII.GetBytes
("YourKey-2374-OFFKDI940NG7:56753253-tyuw-5769-0921-kfirox29zoxv");
//Generate Token for user
var JWToken = new JwtSecurityToken(
issuer: "http://localhost:45092/",audience: "http://localhost:45092/",claims: new List<Claim>
{
new Claim(ClaimTypes.Name,"Users2222" )
},notBefore: new DateTimeOffset(DateTime.Now).DateTime,expires: new DateTimeOffset(DateTime.Now.AddDays(1)).DateTime,//Using HS256 Algorithm to encrypt Token
signingCredentials: new SigningCredentials
(new SymmetricSecurityKey(key),SecurityAlgorithms.HmacSha256Signature)
);
string token = new JwtSecurityTokenHandler().WriteToken(JWToken);
return token;
}
中间件:
app.Use(async (context,next) =>
{
// you could get from token or get from session.
string token = context.Request.Headers["Authorization"];
if (!string.IsNullOrEmpty(token))
{
var tok = token.Replace("Bearer ","");
var jwttoken = new JwtSecurityTokenHandler().ReadJwtToken(tok);
var jti = jwttoken.Claims.First(claim => claim.Type == ClaimTypes.Name);
}
await next();
});
结果:
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。