参考:
基本用法: https://www.cnblogs.com/yilezhu/p/9241261.html
加token授权:https://www.cnblogs.com/shenghuotaiai/p/12551268.html
整合后调通,上代码:
Controller:
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.IdentityModel.Tokens; using System; using System.Collections.Generic; using System.IdentityModel.Tokens.Jwt; using System.Linq; using System.Security.Claims; using System.Text; using System.Threading.Tasks; namespace WebApp1.Controllers { [Route("XxxApi/[controller]")] public class WebApiController : Controller { /// <summary> /// 获取Token /// </summary> /// <param name="uid">明文</param> /// <returns>密文</returns> [HttpGet, Route("GetToken")] public ActionResult<string> GetToken(string uid) { var claims = new List<Claim> { new Claim(JwtRegisteredClaimNames.Nbf,$"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"),//生效时间 new Claim(JwtRegisteredClaimNames.Exp,$"{new DateTimeOffset(DateTime.Now.AddMinutes(30)).ToUnixTimeSeconds()}"),//过期时间 new Claim(ClaimTypes.Name, uid) }; // 密钥 var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("SecurityKey123456")); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); JwtSecurityToken jwt = new JwtSecurityToken( claims: claims, signingCredentials: creds ); var handler = new JwtSecurityTokenHandler(); // 生成 jwt字符串 var strJWT = handler.WriteToken(jwt); return Ok(strJWT); } /// <summary> /// 获取用户姓名 /// </summary> /// <param name="id">用户唯一标识id</param> /// <returns>用户姓名</returns> [HttpGet, Authorize, Route("GetUserName")] public string GetUserName(int id) { return "abc"; } } }
Startup:
using db_face.Models; using db_oa.Models; using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Hosting; using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Hosting; using Microsoft.IdentityModel.Tokens; using Microsoft.OpenApi.Models; using System; using System.IO; using System.Text; namespace WebApp1 { public class Startup { public Startup(IConfiguration configuration) { Configuration = configuration; } public IConfiguration Configuration { get; } // This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { //asp.net 使用 Authentication services.AddAuthentication(s => { s.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; s.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; s.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }).AddJwtBearer(options => { options.TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = false,//是否验证Issuer ValidateAudience = false,//是否验证Audience ValidateLifetime = true,//是否验证失效时间 ClockSkew = TimeSpan.FromMinutes(1), ValidateIssuerSigningKey = true,//是否验证SecurityKey IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("SecurityKey123456")) }; }); services.AddControllersWithViews(); //注册Swagger生成器,定义一个和多个Swagger 文档 services.AddSwaggerGen(c => { c.SwaggerDoc("v1", new OpenApiInfo { Version = "v1", Title = "用户信息 API", Description = "这是一个查询用户信息的 Web API", Contact = new OpenApiContact { Name = "张三", Email = "abc@abc.com" } }); // 为 Swagger JSON and UI设置xml文档注释路径 var basePath = Path.GetDirectoryName(typeof(Program).Assembly.Location); var xmlPath = Path.Combine(basePath, "WebApp1.xml"); c.IncludeXmlComments(xmlPath); //为 Swagger UI 页面顶部 加上 按钮及填写token的弹框 c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme { Description = "授权(数据将在请求头中进行传递)直接在下面框中输入Bearer {token}(注意两者之间是一个空格) \"", Name = "Authorization",//jwt默认的参数名称 In = ParameterLocation.Header,//jwt默认存放Authorization信息的位置(请求头中) Type = SecuritySchemeType.ApiKey }); //为 Swagger UI 页面上列出的每个方法加 小锁图标(每个请求都会在head加token) c.AddSecurityRequirement(new OpenApiSecurityRequirement { { new OpenApiSecurityScheme { Reference = new OpenApiReference { Id = "Bearer", Type = ReferenceType.SecurityScheme } }, Array.Empty<string>() } }); }); } // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IWebHostEnvironment env) { if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } else { app.UseExceptionHandler("/Home/Error"); } app.UseStaticFiles(); app.UseRouting(); app.UseAuthentication(); app.UseAuthorization(); app.UseEndpoints(endpoints => { endpoints.MapControllerRoute( name: "default", pattern: "{controller=Home}/{action=Index}/{id?}"); }); //启用中间件服务生成Swagger作为JSON终结点 app.UseSwagger(); //启用中间件服务对swagger-ui,指定Swagger JSON终结点 app.UseSwaggerUI(c => { c.SwaggerEndpoint("/swagger/v1/swagger.json", "API V1"); //c.RoutePrefix = string.Empty; }); } } }
对于不熟的人来说还是会遇到一些坑的:
SecurityKey长度必须16位以上,不然运行时会报错。
swagger页面上 调页面的api发的请求中head中缺少token信息,报401,services.AddSwaggerGen中需要AddSecurityRequirement详见上述代码。
一直在配合框架写它需要的代码,不喜欢。