Fatal编程技术网

C# 4.0 在C中创建JWT的标准#

c#-4.0 jwt

C# 4.0 在C中创建JWT的标准#,c#-4.0,jwt,C# 4.0,Jwt,我正在努力找出一种方法来标准化JWT在产品中的创建。 下面是我遇到的两个实现 使用JwtSecurityToken,其中访问群体可以为null,在此实现中,我们使用了特定于客户端的GUID作为audienceID string audienceId = data.Properties.Dictionary.ContainsKey(AudiencePropertyKey) ? data.Properties.Dictionary[AudiencePropertyKey] : null;

我正在努力找出一种方法来标准化JWT在产品中的创建。 下面是我遇到的两个实现

  • 使用JwtSecurityToken,其中访问群体可以为null,在此实现中,我们使用了特定于客户端的GUID作为audienceID

        string audienceId = data.Properties.Dictionary.ContainsKey(AudiencePropertyKey) ? data.Properties.Dictionary[AudiencePropertyKey] : null;

    if (string.IsNullOrWhiteSpace(audienceId)) throw new InvalidOperationException("AuthenticationTicket.Properties does not include audience");

    ClientDataModel audience = ClientStore.FindAudience(audienceId);

    string symmetricKeyAsBase64 = audience.Base64Secret;

    var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);

    var signingKey = new HmacSigningCredentials(keyByteArray);

    var issued = data.Properties.IssuedUtc;
    var expires = data.Properties.ExpiresUtc;

    //Generate Token based on the Passed information as Parameters
    var token = new JwtSecurityToken(_issuer, audienceId, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingKey);


    var handler = new JwtSecurityTokenHandler();

    //Write Token in the JWT Format
    var jwt = handler.WriteToken(token);

    return jwt;
  • 在必须使用AppliesToAddress的情况下使用SecurityTokenDescriptor,如果未提供,则会抛出错误。根据oauth规范,访问群体是一个可选参数

        var tokenHandler = new JwtSecurityTokenHandler();
    var now = DateTime.UtcNow;
    string symmetricKeyAsBase64 = ConfigurationManager.AppSettings["AudienceSecret"];

    var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);
    var signingKey = new HmacSigningCredentials(keyByteArray);

    // Token Creation
    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(new Claim[]
        {
                new Claim(ClaimTypes.Name, ""),
        }),
        TokenIssuerName = ConfigurationManager.AppSettings["Issuer"],
        AppliesToAddress = ConfigurationManager.AppSettings["AppliesToAddress"],
        Lifetime = new Lifetime(now, now.AddMinutes(Int32.Parse((string)ConfigurationManager.AppSettings["TokenValidFor"]))),
        SigningCredentials = signingKey
    };

    JwtSecurityToken token = tokenHandler.CreateToken(tokenDescriptor) as JwtSecurityToken;
    return token.RawData;
    • 有人能建议用哪一种吗