  • .net core 学习小结之 自定义JWT授权

    • 自定义token的验证类
      using System;
      using System.Collections.Generic;
      using System.IO;
      using System.Linq;
      using System.Threading.Tasks;
      using Microsoft.AspNetCore;
      using Microsoft.AspNetCore.Hosting;
      using Microsoft.Extensions.Configuration;
      using Microsoft.Extensions.Logging;
      
      
      namespace JwtAuth
      {
          using System.Security.Claims;
          using Microsoft.IdentityModel.Tokens;
          using Microsoft.AspNetCore.Authentication.JwtBearer;
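          /// <summary>
          /// Demonstration <see cref="ISecurityTokenValidator"/> that accepts one fixed opaque
          /// string instead of a signed JWT and, on a match, returns a principal with hard-coded
          /// claims.
          /// </summary>
          /// <remarks>
          /// NOTE(review): nothing here checks a signature, issuer, audience or lifetime, and the
          /// <c>validationParameters</c> argument is ignored. The accepted value is a static shared
          /// secret compiled into the assembly, and every caller that presents it receives the same
          /// "admin" / "SuperAdmin" identity. A real validator would take the secret from
          /// configuration or a secret store and derive the claims from the token itself.
          /// </remarks>
          public class MyTokenValidata : ISecurityTokenValidator
          {
              // The only token value this validator accepts.
              private const string ExpectedToken = "yourtoken";

              /// <summary>Always true: this validator is willing to validate tokens.</summary>
              public bool CanValidateToken => true;

              /// <summary>
              /// Upper bound on the length of a token this validator will look at. Initialised to the
              /// library default so the limit is effective even when the caller never sets it.
              /// </summary>
              public int MaximumTokenSizeInBytes { get; set; } = TokenValidationParameters.DefaultMaximumTokenSizeInBytes;

              /// <summary>
              /// Reports whether <paramref name="securityToken"/> is worth passing to
              /// <see cref="ValidateToken"/>: it must be non-empty and no longer than
              /// <see cref="MaximumTokenSizeInBytes"/> (length is measured in characters).
              /// </summary>
              /// <param name="securityToken">Raw token string taken from the request.</param>
              /// <returns>True when the token is non-empty and within the size limit.</returns>
              public bool CanReadToken(string securityToken)
              {
                  return !string.IsNullOrEmpty(securityToken)
                      && securityToken.Length <= MaximumTokenSizeInBytes;
              }

              /// <summary>
              /// Compares the presented token with the expected value and, on a match, builds the
              /// fixed principal.
              /// </summary>
              /// <param name="securityToken">Raw token string taken from the request.</param>
              /// <param name="validationParameters">Not used by this validator.</param>
              /// <param name="validatedToken">Always set to null; no <see cref="SecurityToken"/> is produced.</param>
              /// <returns>The fixed principal when the token matches, otherwise null.</returns>
              public ClaimsPrincipal ValidateToken(string securityToken, TokenValidationParameters validationParameters, out SecurityToken validatedToken)
              {
                  validatedToken = null;

                  // NOTE(review): the stock validators signal rejection by throwing a
                  // SecurityTokenException; confirm how the JwtBearer handler in the targeted
                  // version treats a null principal before relying on this return value.
                  if (!CanReadToken(securityToken) || !FixedTimeEquals(securityToken, ExpectedToken))
                  {
                      return null;
                  }

                  var identity = new ClaimsIdentity(JwtBearerDefaults.AuthenticationScheme);
                  identity.AddClaim(new Claim("name", "cyao"));
                  identity.AddClaim(new Claim(ClaimsIdentity.DefaultRoleClaimType, "admin"));
                  // Claim checked by the "SuperAdmin" authorization policy.
                  identity.AddClaim(new Claim("SuperAdmin", "true"));
                  return new ClaimsPrincipal(identity);
              }

              /// <summary>
              /// Compares two strings without an early exit, so the time taken does not depend on
              /// how many leading characters of the presented value are correct.
              /// </summary>
              private static bool FixedTimeEquals(string presented, string expected)
              {
                  if (presented == null || expected == null || expected.Length == 0)
                  {
                      return false;
                  }

                  // Fold the length difference and every character difference into one
                  // accumulator; the loop always walks the whole presented value.
                  int difference = presented.Length ^ expected.Length;
                  for (int i = 0; i < presented.Length; i++)
                  {
                      difference |= presented[i] ^ expected[i % expected.Length];
                  }

                  return difference == 0;
              }
          }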
      }
    • 在Startup注册自定义验证的管道代码
      using System;
      using System.Collections.Generic;
      using System.Linq;
      using System.Threading.Tasks;
      using Microsoft.AspNetCore.Builder;
      using Microsoft.AspNetCore.Hosting;
      using Microsoft.Extensions.Configuration;
      using Microsoft.Extensions.DependencyInjection;
      using Microsoft.Extensions.Logging;
      using Microsoft.Extensions.Options;
      
      namespace JwtAuth
      {
          using Microsoft.AspNetCore.Authentication.JwtBearer;
          using Microsoft.AspNetCore.Authorization;
          using Microsoft.IdentityModel.Tokens;
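          /// <summary>
          /// Application startup: registers JwtBearer authentication with the custom
          /// <c>MyTokenValidata</c> validator, defines the "SuperAdmin" authorization policy and
          /// builds the request pipeline.
          /// </summary>
          public class Startup
          {
              public Startup(IConfiguration configuration)
              {
                  Configuration = configuration;
              }

              public IConfiguration Configuration { get; }

              // This method gets called by the runtime. Use this method to add services to the container.
              public void ConfigureServices(IServiceCollection services)
              {
                  // Bind the "JwtSettings" configuration section. The local copy is only used by
                  // the commented-out standard JWT configuration below.
                  services.Configure<JwtSettings>(Configuration.GetSection("JwtSettings"));
                  JwtSettings settings = new JwtSettings();
                  Configuration.Bind("JwtSettings", settings);

                  // Make JwtBearer the scheme used for both authentication and challenges.
                  services.AddAuthentication(options =>
                  {
                      options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                      options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
                  })
                  .AddJwtBearer(c =>
                  // Standard JWT validation, kept for reference:
                  // c.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
                  // {
                  //     ValidIssuer = settings.Issuer,
                  //     ValidAudience = settings.Audience,
                  //     IssuerSigningKey = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(settings.SecretKey))
                  // }
                  // ------------------------ custom validation below -------------------------
                  {
                      // Removing the default validators means MyTokenValidata is the only check a
                      // token has to pass; the built-in signature, issuer, audience and lifetime
                      // validation no longer runs.
                      c.SecurityTokenValidators.Clear();
                      c.SecurityTokenValidators.Add(new MyTokenValidata());
                      c.Events = new JwtBearerEvents()
                      {
                          OnMessageReceived = context =>
                          {
                              // Take the token from the custom "mytokens" request header; only
                              // the first value of the header is used.
                              var token = context.Request.Headers["mytokens"];
                              context.Token = token.FirstOrDefault();
                              return Task.CompletedTask;
                          }
                      };
                  });

                  // Only principals whose "SuperAdmin" claim has the value "true" satisfy the
                  // policy. RequireClaim with a claim type alone accepts any value, so a claim of
                  // "false" would also have passed.
                  services.AddAuthorization(options => options.AddPolicy("SuperAdmin", policy => policy.RequireClaim("SuperAdmin", "true")));
                  services.AddMvc();
              }

              // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
              public void Configure(IApplicationBuilder app, IHostingEnvironment env)
              {
                  if (env.IsDevelopment())
                  {
                      app.UseDeveloperExceptionPage();
                  }

                  // Authentication is added ahead of MVC so the principal is set before
                  // controllers and their authorization attributes run.
                  app.UseAuthentication();
                  app.UseMvc();
              }
          }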
      }
    • 最终在api控制器的最上方贴上对应的特性标签,例如 [Authorize(Policy = "SuperAdmin")](这种是基于claims的访问)
  • 原文地址:https://www.cnblogs.com/chongyao/p/8652885.html