Asp.net mvc 4 JwtSecurityTokenHandler WriteToken 和“JSON 压缩序列化格式字符串”


我正在使用JwtSecurityTokenHandler创建JWT令牌

#region Assembly System.IdentityModel.Tokens.Jwt.dll, v4.0.20622.1351
\packages\System.IdentityModel.Tokens.Jwt.4.0.2.206221351\lib\net45\System.IdentityModel.Tokens.Jwt.dll

namespace System.IdentityModel.Tokens
{
    // Summary:
    //     A System.IdentityModel.Tokens.SecurityTokenHandler designed for creating
    //     and validating Json Web Tokens. See http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-07.
    public class JwtSecurityTokenHandler            
它有一个名为“WriteToken”的方法,描述如下:

    // Summary:
    //     Writes the System.IdentityModel.Tokens.JwtSecurityToken as a JSON Compact
    //     serialized format string.
    //
    //
    // Returns:
    //     The System.IdentityModel.Tokens.JwtSecurityToken as a signed (if System.IdentityModel.Tokens.SigningCredentials
    //     exist) encoded string.
如何将其转换为可由客户端浏览器使用并解析的“常规”JWT

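        // Identity carrying the custom claim that ends up in the JWT payload.
        ClaimsIdentity sofCid = new ClaimsIdentity(new List<Claim>() { new Claim("MyClaimType", "MyClaimValue") }, "Custom");

        var descriptor = new SecurityTokenDescriptor
        {
            // Was "cid", which is not declared anywhere in this snippet; the identity built above is sofCid.
            Subject = sofCid,
            AppliesToAddress = "http://myappliesto.com",
            // Per the WriteToken summary, the token is signed only if signing credentials exist.
            SigningCredentials = new X509SigningCredentials( /* code that looks up the cert */),
            TokenIssuerName = "http://myissuer.com",
            // 20-minute validity window, expressed in UTC.
            Lifetime = new Lifetime(DateTime.UtcNow, DateTime.UtcNow.AddMinutes(20))
        };


        JwtSecurityTokenHandler jwtHandler = new JwtSecurityTokenHandler();
        SecurityToken jwt = jwtHandler.CreateToken(descriptor);

        // Compact form: base64url segments joined by '.'. The payload segment is only encoded,
        // not encrypted, so any holder of the token can read the claims.
        string jsonCompactSerializedString = jwtHandler.WriteToken(jwt);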


您需要从JWT中解析有效负载,使用Json.NET将其加载到一个对象中,然后使用所需的序列化设置再次输出它。目前,我无法提供客户端代码来实现这一点,但以下是使用C#的方法:

但是,我不会修改有效负载本身。JWT格式的目标之一是尽可能紧凑。向有效负载添加空白是不必要的,并且会增加令牌的大小。另外请注意,有效负载只是经过base64url编码,并未加密;像下面这样解码只是为了查看内容,并不会验证签名,因此在信任其中的声明之前仍应先验证令牌。

{
"isCool":true,
"favoriteColor":"green",
"rocksTheSuburbs":true,
"favoriteDecade":"80",
"isHipToBeSquare":true
}
{
    "iss": "jira:1314039",
    "iat": 1300819370,
    "exp": 1300819380,
    "qsh": "8063ff4ca1e41df7bc90c8ab6d0f6207d491cf6dad7c66ea797b4614b71922e9",
    "sub": "batman",
    "context": {
        "user": {
            "userKey": "batman",
            "username": "bwayne",
            "displayName": "Bruce Wayne"
        }
    }
}
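// Demo program: creates a JWT with JwtSecurityTokenHandler, then decodes the payload
// segment and re-serializes it as indented JSON with Json.NET.
internal class Program
{
    private static void Main()
    {
        // Your code

        var sofCid = new ClaimsIdentity(new List<Claim> { new Claim("MyClaimType", "MyClaimValue") }, "Custom");

        // NOTE(review): unlike the question's descriptor, no SigningCredentials are set here,
        // so presumably the token written below is unsigned. Acceptable for a formatting demo
        // only; keep the signing credentials in real code.
        var descriptor = new SecurityTokenDescriptor
                         {
                             Subject = sofCid,
                             AppliesToAddress = "http://myappliesto.com",
                             TokenIssuerName = "http://myissuer.com",
                             Lifetime = new Lifetime(DateTime.UtcNow, DateTime.UtcNow.AddMinutes(20))
                         };
        var jwtHandler = new JwtSecurityTokenHandler();
        SecurityToken jwt = jwtHandler.CreateToken(descriptor);
        string jsonCompactSerializedString = jwtHandler.WriteToken(jwt);

        // My code

        // Segment [1] of the dot-separated compact form is the payload.
        // Decoding it is for display only: nothing below checks a signature, so do not make
        // trust decisions on claims read this way. Validate the token first
        // (e.g. JwtSecurityTokenHandler.ValidateToken) when it comes from outside this process.
        string encodedPayload = jsonCompactSerializedString.Split('.')[1];
        string decodedPayload = Base64UrlDecode(encodedPayload);
        object jsonObject = JsonConvert.DeserializeObject(decodedPayload);
        string formattedPayload = JsonConvert.SerializeObject(jsonObject, Formatting.Indented);
    }

    // A helper method for properly base64url decoding the payload.
    //
    // value:    one base64url-encoded segment, without '=' padding.
    // encoding: text encoding of the decoded bytes; defaults to UTF-8 when null.
    //           (The original ignored this parameter and always decoded as ASCII,
    //           which turns every non-ASCII character in a claim into '?'.)
    // Returns the decoded text.
    // Throws ArgumentNullException when value is null, and FormatException (from
    // Convert.FromBase64String) when value is not valid base64url.
    public static string Base64UrlDecode(string value, Encoding encoding = null)
    {
        if (value == null)
        {
            throw new ArgumentNullException(nameof(value));
        }

        // Map the URL-safe alphabet back to the standard base64 alphabet.
        string urlDecodedValue = value.Replace('_', '/').Replace('-', '+');

        // Restore the '=' padding that base64url strips. A remainder of 1 is never valid
        // and is left for Convert.FromBase64String to reject.
        switch (urlDecodedValue.Length % 4)
        {
            case 2:
                urlDecodedValue += "==";
                break;
            case 3:
                urlDecodedValue += "=";
                break;
        }

        byte[] rawBytes = Convert.FromBase64String(urlDecodedValue);
        return (encoding ?? Encoding.UTF8).GetString(rawBytes);
    }
}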
{
  "MyClaimType": "MyClaimValue",
  "iss": "http://myissuer.com",
  "aud": "http://myappliesto.com",
  "exp": 1468957532,
  "nbf": 1468956332
}