C# 验证信令器中的OAuth/AAD令牌
我有一个信号服务器,我需要验证客户端将从Azure AD获得的OAuth令牌。我想在AuthorizeHubConnection方法中进行验证。 我试过这个,基本上是这样的: 变量d 这将在票据中始终返回null 经过一番搜索,我发现了这篇文章: 它的作用如下:C# 验证信令器中的OAuth/AAD令牌,c#,oauth,signalr,jwt,adal,C#,Oauth,Signalr,Jwt,Adal,我有一个信号服务器,我需要验证客户端将从Azure AD获得的OAuth令牌。我想在AuthorizeHubConnection方法中进行验证。 我试过这个,基本上是这样的: 变量d 这将在票据中始终返回null 经过一番搜索,我发现了这篇文章: 它的作用如下: public class JwtTokenAuthorizeAttribute : AuthorizeAttribute { // Location of the federation metadata document for
public class JwtTokenAuthorizeAttribute : AuthorizeAttribute
{
// Location of the federation metadata document for our tenant.
private const string SecurityTokenServiceAddressFormat =
"https://login.windows.net/{0}/federationmetadata/2007-06/federationmetadata.xml";
private static readonly string Tenant = "yourtenant.onmicrosoft.com";
private static readonly string ClientId = "12345678-ABCD-EFAB-1234-ABCDEF123456";
private static readonly string MetadataEndpoint = string.Format(
CultureInfo.InvariantCulture, SecurityTokenServiceAddressFormat, Tenant);
private static readonly IIssuerSecurityTokenProvider CachingSecurityTokenProvider =
new WsFedCachingSecurityTokenProvider(
metadataEndpoint: MetadataEndpoint,
backchannelCertificateValidator: null,
backchannelTimeout: TimeSpan.FromMinutes(1),
backchannelHttpHandler: null);
public override bool AuthorizeHubConnection(
HubDescriptor hubDescriptor, IRequest request)
{
// Extract JWT token from query string (which we already did).
...
// Validate JWT token.
var tokenValidationParameters =
new TokenValidationParameters { ValidAudience = ClientId };
var jwtFormat =
new JwtFormat(tokenValidationParameters, CachingSecurityTokenProvider);
var authenticationTicket = jwtFormat.Unprotect(userJwtToken);
...
JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();
tokenHandler.ValidateToken(token, authTokenValidationParameters, out validatedToken);
JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();
tokenHandler.ValidateToken(token, authTokenValidationParameters, out validatedToken);