  • Decrypting OWIN Authentication Ticket

    参考:https://long2know.com/2015/05/decrypting-owin-authentication-ticket/

    AuthServer 产生的 Token 因为没有指定自定义的加密逻辑,所以会使用默认的加密算法(下方代码通过 MachineKey 进行解密),故只能被 AuthServer 自身解密。
    所以下列代码必须写在 AuthServer 项目内部才能使用。

    using Microsoft.Owin.Security;
    using Microsoft.Owin.Security.DataHandler;
    using Microsoft.Owin.Security.DataProtection;
    using Microsoft.Owin.Security.OAuth;
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Net;
    using System.Security.Claims;
    using System.Web.Http;
    using System.Web.Http.Results;
    using System.IdentityModel.Tokens;
    using Microsoft.Owin.Security.Jwt;
    
    namespace DIH.Core.AuthServer.IIS
    {
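        /// <summary>
        /// Diagnostic controller hosted inside the authorization server. It unprotects an
        /// OWIN OAuth access token with the server's machine key and hands the resulting
        /// ticket to <c>JwtFormat</c>.
        /// </summary>
        /// <remarks>
        /// NOTE(review): no authorization attribute is applied in this class, so access control
        /// depends on filters configured elsewhere. An endpoint that unprotects bearer tokens
        /// discloses claims the token format otherwise keeps opaque to clients; restrict it to
        /// operators (or exclude it from production builds) and log its use.
        /// </remarks>
        [RoutePrefix("api/my")]
        public class MyController : ApiController
        {
            public MyController()
            {
            }

            /// <summary>
            /// Unprotects the access token supplied in the request body and returns the
            /// ticket as serialized by <c>JwtFormat.Protect</c>.
            /// </summary>
            /// <param name="token">The protected access token string posted by the caller.</param>
            /// <returns>
            /// 200 with the serialized ticket, or 400 when the token is missing or cannot be unprotected.
            /// </returns>
            [Route("", Name = "DecryptToken")]
            [HttpPost]
            public IHttpActionResult DecryptToken([FromBody]string token)
            {
                // The original listing overwrote this parameter with a token literal pasted into
                // the source, which ignored the caller's input and left a credential in the code.
                if (string.IsNullOrWhiteSpace(token))
                {
                    return BadRequest("token is required");
                }

                var secureDataFormat = new TicketDataFormat(new MachineKeyProtector());
                AuthenticationTicket ticket = secureDataFormat.Unprotect(token);

                // Unprotect yields null for malformed, tampered or foreign-key tokens. Answer with
                // one generic message so the response does not reveal which step failed.
                if (ticket == null || ticket.Identity == null)
                {
                    return BadRequest("token could not be unprotected");
                }

                // Unprotecting does not check ticket.Properties.ExpiresUtc; a caller that treats a
                // successful response as "token is valid" must check expiry separately.

                // NOTE(review): the validation parameters are empty (no signing key, issuer or
                // audience). JwtFormat appears to be a validation-side format whose Protect is not
                // supported in the Katana releases I know of; confirm against the package version
                // in use before relying on this call.
                var jwtFormat = new Microsoft.Owin.Security.Jwt.JwtFormat(new TokenValidationParameters());
                string jwt = jwtFormat.Protect(ticket);

                return Ok(jwt);
            }
        }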
    
        /// <summary>
        /// <see cref="IDataProtector"/> backed by <c>System.Web.Security.MachineKey</c>, used to
        /// unprotect (and protect) OWIN access-token payloads with the host's machine key.
        /// </summary>
        class MachineKeyProtector : IDataProtector
        {
            // Purpose strings passed to MachineKey on every call. The same purposes must be
            // supplied to Protect and Unprotect, otherwise unprotecting fails.
            // NOTE(review): presumably these mirror the purposes the OAuth authorization server
            // middleware uses for access tokens; confirm against the Katana version in use.
            private readonly string[] _purposes =
            {
                typeof(OAuthAuthorizationServerMiddleware).Namespace,
                "Access_Token",
                "v1"
            };

            /// <summary>Protects <paramref name="userData"/> with the machine key and the fixed purposes.</summary>
            public byte[] Protect(byte[] userData)
            {
                byte[] sealedBytes = System.Web.Security.MachineKey.Protect(userData, _purposes);
                return sealedBytes;
            }

            /// <summary>Reverses <see cref="Protect"/> for data protected with the same key and purposes.</summary>
            public byte[] Unprotect(byte[] protectedData)
            {
                byte[] plainBytes = System.Web.Security.MachineKey.Unprotect(protectedData, _purposes);
                return plainBytes;
            }
        }
    
    }
    

      

  • 原文地址:https://www.cnblogs.com/Ceri/p/7670435.html