
Claims Identity .NET CORE 3.0 API JWT

Stack Overflow user
Asked 2020-02-14 19:43:38
Answers: 1 | Views: 1.1K | Followers: 0 | Votes: 0

I am trying to develop a web API on .NET Core 3.0, but I cannot get the userId from the controller.

This is my Startup:

        RSAParameters keyParams = RsaKeyUtils.GetKeyParameters("jwt_key.conf");
        var key = new RsaSecurityKey(keyParams);

        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                options.TokenValidationParameters = new TokenValidationParameters()
                {
                    IssuerSigningKey = key,
                    ValidAudience = GappedAuthSettings.TokenAudience,
                    ValidIssuer = GappedAuthSettings.TokenIssuer,
                    ValidateIssuerSigningKey = true,
                    ValidateLifetime = true,
                    RequireSignedTokens = true,
                    ClockSkew = TimeSpan.FromMinutes(0)
                };
            });

Here is how the JWT token is issued:

    private string GetToken(string userEmail, DateTime? expires, IEnumerable<Claim> claims)
    {
        var handler = new JwtSecurityTokenHandler();

        var identity = new ClaimsIdentity(new GenericIdentity(userEmail, "Auth"), claims);

        var securityToken = handler.CreateToken(new SecurityTokenDescriptor
        {
            Issuer = this.tokenOptions.Issuer,
            Audience = this.tokenOptions.Audience,
            SigningCredentials = this.tokenOptions.SigningCredentials,
            Subject = identity,
            Expires = expires,
            IssuedAt = DateTime.UtcNow
        });

        return handler.WriteToken(securityToken);
    }

When I try to read it, claimsIdentity returns an object with null properties:

    protected string GetUserId()
    {
        var claimsIdentity = this.User.Identity as ClaimsIdentity;
        var userId = claimsIdentity.FindFirst("userId")?.Value;

        if (userId != null)
        {
            return userId;
        }

        return null;
    }


1 Answer

Stack Overflow user

Accepted answer

Posted on 2020-02-17 11:40:37

Here is a working demo like below:

1.appsettings.json:

"Jwt": {
   "Key": "ThisismySecretKey",
   "Issuer": "Test.com"
}

2.Startup.cs:

public void ConfigureServices(IServiceCollection services)
{
    services.AddControllers();
    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters()
        {
            ValidIssuer = Configuration["Jwt:Issuer"],
            ValidAudience = Configuration["Jwt:Issuer"],
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["Jwt:Key"])),

            ValidateIssuerSigningKey = true,
            ValidateLifetime = true,
            RequireSignedTokens = true,
            ClockSkew = TimeSpan.FromMinutes(0)
        };
    });
}

public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
    app.UseHttpsRedirection();          
    app.UseRouting();

    app.UseAuthentication();   //be sure to add this line
    app.UseAuthorization();

    app.UseEndpoints(endpoints =>
    {
        endpoints.MapControllers();
    });
}

3.Controller:

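using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Security.Principal;
using System.Text;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.IdentityModel.Tokens;

[Route("api/[controller]")]
public class ValuesController : ControllerBase
{
    private readonly IConfiguration _config;

    public ValuesController(IConfiguration config)
    {
        _config = config;
    }

    // Issues a demo token that carries the custom "userId" claim.
    [HttpGet]
    public string Get()
    {
        var claim = new[]
        {
            new Claim("userId", "1")
        };
        var data = GetToken("np@hotmail.com", null, claim);
        return data;
    }

    // Private helper, not an action, so it carries no [HttpGet] attribute.
    private string GetToken(string userEmail, DateTime? expires, IEnumerable<Claim> claims)
    {
        var handler = new JwtSecurityTokenHandler();
        var identity = new ClaimsIdentity(new GenericIdentity(userEmail, "Auth"), claims);

        // Same key material that Startup.cs uses to validate the signature.
        var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"]));
        var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);

        var securityToken = handler.CreateToken(new SecurityTokenDescriptor
        {
            Issuer = _config["Jwt:Issuer"],
            Audience = _config["Jwt:Issuer"],
            SigningCredentials = credentials,
            Subject = identity,
            // Use the caller's expiry when given; otherwise default to 120 minutes.
            Expires = expires ?? DateTime.UtcNow.AddMinutes(120),
            IssuedAt = DateTime.UtcNow
        });
        return handler.WriteToken(securityToken);
    }
}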

4.Test method (be sure to add [Authorize]):

[Route("api/[controller]")]
public class TestController : Controller
{       
    [Authorize]
    [HttpGet]
    public string Get()
    {
        var claimsIdentity = this.User.Identity as ClaimsIdentity;
        var claim = claimsIdentity.Claims;
        // or
        var data = claimsIdentity.FindFirst("userId").Value;
        return data;
    }
}

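5.Test steps:

First, you need to get the token from the GetToken method.

Then, call the test method with the authorization type set to Bearer Token.

Finally, you can get the claims.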

Votes: 0
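
To check the token and the validation settings independently of the ASP.NET Core pipeline, the console sketch below (an added example, not code from the question or the answer) issues a token with the userId claim and validates it directly with JwtSecurityTokenHandler, using the same TokenValidationParameters as the answer's Startup.cs. If this round trip succeeds while the controller still sees no claims, the cause lies in the pipeline (app.UseAuthentication() or [Authorize]) rather than in the token. The class name, the issuer.example value and the random key are assumptions made for the sketch.

```csharp
// Added example; needs the System.IdentityModel.Tokens.Jwt NuGet package.
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Security.Cryptography;
using Microsoft.IdentityModel.Tokens;

class JwtRoundTrip // hypothetical name
{
    static void Main()
    {
        // Constructed sample values: random 256-bit HMAC key, placeholder issuer.
        var keyBytes = new byte[32];
        RandomNumberGenerator.Fill(keyBytes);
        var key = new SymmetricSecurityKey(keyBytes);
        const string issuer = "issuer.example";
        var handler = new JwtSecurityTokenHandler();
        string jwt = handler.WriteToken(handler.CreateToken(new SecurityTokenDescriptor
        {
            Issuer = issuer,
            Audience = issuer,
            Subject = new ClaimsIdentity(new[] { new Claim("userId", "1") }),
            Expires = DateTime.UtcNow.AddMinutes(5),
            SigningCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256)
        }));

        // Same settings as the AddJwtBearer configuration in the answer.
        var parameters = new TokenValidationParameters
        {
            ValidIssuer = issuer,
            ValidAudience = issuer,
            IssuerSigningKey = key,
            ValidateIssuerSigningKey = true,
            ValidateLifetime = true,
            RequireSignedTokens = true,
            ClockSkew = TimeSpan.Zero
        };

        // A valid token yields a principal that carries the custom claim.
        ClaimsPrincipal user = handler.ValidateToken(jwt, parameters, out _);
        Console.WriteLine($"userId = {user.FindFirst("userId")?.Value}");

        // Change the first signature character: validation must throw.
        int sig = jwt.LastIndexOf('.') + 1;
        string tampered = jwt.Substring(0, sig) + (jwt[sig] == 'A' ? 'B' : 'A') + jwt.Substring(sig + 1);
        try { handler.ValidateToken(tampered, parameters, out _); }
        catch (SecurityTokenException e) { Console.WriteLine($"rejected: {e.GetType().Name}"); }
    }
}
```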
Original page content provided by Stack Overflow; translation support provided by Tencent Cloud Xiaowei's IT-domain engine.
Original link:

https://stackoverflow.com/questions/60225690
