  • .net core 学习小结之 自定义JWT授权

    • 自定义token的验证类
      using System;
      using System.Collections.Generic;
      using System.IO;
      using System.Linq;
      using System.Threading.Tasks;
      using Microsoft.AspNetCore;
      using Microsoft.AspNetCore.Hosting;
      using Microsoft.Extensions.Configuration;
      using Microsoft.Extensions.Logging;
      
      
      namespace JwtAuth
      {
          using System.Security.Claims;
          using Microsoft.IdentityModel.Tokens;
          using Microsoft.AspNetCore.Authentication.JwtBearer;
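          /// <summary>
          /// Demo <see cref="ISecurityTokenValidator"/> that accepts exactly one hard-coded token
          /// string and, on a match, returns a fixed principal carrying the "admin" role and a
          /// "SuperAdmin" claim.
          /// </summary>
          /// <remarks>
          /// SECURITY: this class performs no JWT validation. It never parses the token, checks no
          /// signature, issuer, audience or lifetime, and ignores <c>validationParameters</c>.
          /// The token is therefore a static shared secret: every caller that presents it receives
          /// the same identity with the highest privileges, and it cannot be revoked or expired
          /// without redeploying. Treat it as tutorial scaffolding, not as a production validator.
          /// </remarks>
          public class MyTokenValidata : ISecurityTokenValidator
          {
              // Demo placeholder. A real deployment should not compile a credential into the
              // assembly; load it from protected configuration or a secret store so it can rotate.
              private const string ExpectedToken = "yourtoken";

              /// <summary>Always true: this validator claims it can validate tokens.</summary>
              public bool CanValidateToken => true;

              /// <summary>
              /// Maximum token size required by the interface. Nothing in this class reads the
              /// value, so no size limit is enforced here.
              /// </summary>
              public int MaximumTokenSizeInBytes { get; set; }

              /// <summary>Always true: every string is passed on to <see cref="ValidateToken"/>.</summary>
              /// <param name="securityToken">The raw token string (not inspected).</param>
              public bool CanReadToken(string securityToken)
              {
                  return true;
              }

              /// <summary>
              /// Compares <paramref name="securityToken"/> with the single expected value and builds
              /// the fixed demo principal when they match.
              /// </summary>
              /// <param name="securityToken">Raw token string supplied by the caller.</param>
              /// <param name="validationParameters">Ignored by this implementation.</param>
              /// <param name="validatedToken">Always set to null; no token object is produced.</param>
              /// <returns>The demo principal on a match, otherwise null.</returns>
              public ClaimsPrincipal ValidateToken(string securityToken, TokenValidationParameters validationParameters, out SecurityToken validatedToken)
              {
                  validatedToken = null;

                  // Fixed-time comparison so that response timing does not reveal how many leading
                  // characters of a guessed token were correct.
                  if (!FixedTimeEquals(securityToken, ExpectedToken))
                  {
                      // NOTE(review): validators normally signal rejection by throwing a
                      // SecurityTokenException; null is kept for compatibility with the original.
                      // Confirm how the hosting JwtBearer handler treats a null principal.
                      return null;
                  }

                  var identity = new ClaimsIdentity(JwtBearerDefaults.AuthenticationScheme);
                  identity.AddClaim(new Claim("name", "cyao"));
                  identity.AddClaim(new Claim(ClaimsIdentity.DefaultRoleClaimType, "admin"));
                  // Claim consumed by the "SuperAdmin" authorization policy. It is granted to every
                  // caller that knows the token, so there is no per-user privilege separation.
                  identity.AddClaim(new Claim("SuperAdmin", "true"));
                  var principal = new ClaimsPrincipal(identity);
                  return principal;
              }

              /// <summary>
              /// Ordinal string equality whose running time depends only on the length of the
              /// inputs, not on the position of the first differing character.
              /// </summary>
              private static bool FixedTimeEquals(string candidate, string expected)
              {
                  if (candidate == null || expected == null)
                  {
                      return false;
                  }

                  // A length mismatch exits early; this reveals only the length of the secret.
                  if (candidate.Length != expected.Length)
                  {
                      return false;
                  }

                  int difference = 0;
                  for (int i = 0; i < expected.Length; i++)
                  {
                      difference |= candidate[i] ^ expected[i];
                  }

                  return difference == 0;
              }
          }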
      }
    • 在Startup中注册自定义验证的管道代码
      using System;
      using System.Collections.Generic;
      using System.Linq;
      using System.Threading.Tasks;
      using Microsoft.AspNetCore.Builder;
      using Microsoft.AspNetCore.Hosting;
      using Microsoft.Extensions.Configuration;
      using Microsoft.Extensions.DependencyInjection;
      using Microsoft.Extensions.Logging;
      using Microsoft.Extensions.Options;
      
      namespace JwtAuth
      {
          using Microsoft.AspNetCore.Authentication.JwtBearer;
          using Microsoft.AspNetCore.Authorization;
          using Microsoft.IdentityModel.Tokens;
          /// <summary>
          /// Application bootstrap: registers JWT bearer authentication with a custom token
          /// validator, a claims-based "SuperAdmin" policy, and MVC.
          /// </summary>
          public class Startup
          {
              public Startup(IConfiguration configuration)
              {
                  Configuration = configuration;
              }

              /// <summary>Application configuration handed in by the host.</summary>
              public IConfiguration Configuration { get; }

              /// <summary>Called by the runtime to add services to the container.</summary>
              public void ConfigureServices(IServiceCollection services)
              {
                  // Register the "JwtSettings" section with the options system and also bind a
                  // local copy. Only the commented-out standard configuration below reads it.
                  var jwtSection = Configuration.GetSection("JwtSettings");
                  services.Configure<JwtSettings>(jwtSection);
                  var settings = new JwtSettings();
                  Configuration.Bind("JwtSettings", settings);

                  // Use the JWT bearer scheme for both authentication and challenge.
                  var authBuilder = services.AddAuthentication(auth =>
                  {
                      auth.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                      auth.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
                  });

                  authBuilder.AddJwtBearer(jwt =>
                  {
                      // Standard JWT configuration, left disabled by the author:
                      // jwt.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
                      // {
                      //     ValidIssuer = settings.Issuer,
                      //     ValidAudience = settings.Audience,
                      //     IssuerSigningKey = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(settings.SecretKey))
                      // }
                      // ------------------------ custom validation below -------------------------

                      // SECURITY: Clear() removes every default validator, so MyTokenValidata alone
                      // decides whether a request is authenticated. The issuer, audience and
                      // signing-key settings above are not applied while this is in effect.
                      jwt.SecurityTokenValidators.Clear();
                      jwt.SecurityTokenValidators.Add(new MyTokenValidata());
                      jwt.Events = new JwtBearerEvents
                      {
                          OnMessageReceived = ReadTokenFromCustomHeader
                      };
                  });

                  // RequireClaim with only a claim type checks that a "SuperAdmin" claim is present;
                  // it does not check the claim's value.
                  services.AddAuthorization(authorization =>
                  {
                      authorization.AddPolicy("SuperAdmin", policy => policy.RequireClaim("SuperAdmin"));
                  });
                  services.AddMvc();
              }

              /// <summary>Called by the runtime to configure the HTTP request pipeline.</summary>
              public void Configure(IApplicationBuilder app, IHostingEnvironment env)
              {
                  if (env.IsDevelopment())
                  {
                      app.UseDeveloperExceptionPage();
                  }

                  // Authentication is added to the pipeline ahead of MVC.
                  app.UseAuthentication();
                  app.UseMvc();
              }

              /// <summary>
              /// Takes the token from the first value of the custom "mytokens" request header.
              /// </summary>
              /// <remarks>
              /// NOTE(review): tooling that redacts the Authorization header from logs may not know
              /// about this custom header; confirm that it is not written to access logs.
              /// </remarks>
              private static Task ReadTokenFromCustomHeader(MessageReceivedContext context)
              {
                  context.Token = context.Request.Headers["mytokens"].FirstOrDefault();
                  return Task.CompletedTask;
              }
          }
      }
    • 最终在api的最上方贴上对应的特性标签,例如 [Authorize(Policy = "SuperAdmin")](这种是基于claims的访问)
  • 原文地址:https://www.cnblogs.com/chongyao/p/8652885.html