C# Firebase身份验证asp.net核心
成功登录Firebase后,我们收到一个JWT令牌 为了向我的asp.net应用程序添加授权,我尝试向中间件添加JWTBeareAuthentication 我尝试了以下JwtBearerOptions:C# Firebase身份验证asp.net核心,c#,firebase,asp.net-core,jwt,firebase-authentication,C#,Firebase,Asp.net Core,Jwt,Firebase Authentication,成功登录Firebase后,我们收到一个JWT令牌 为了向我的asp.net应用程序添加授权,我尝试向中间件添加JWTBeareAuthentication 我尝试了以下JwtBearerOptions: var options = new JwtBearerOptions { Audience = "myApp", Authority = "https://securetoken.google.com" };
var options = new JwtBearerOptions
{
Audience = "myApp",
Authority = "https://securetoken.google.com"
};
有人知道哪个辅助url是正确的吗?JWT验证需要手动进行: 以下代码正在验证FirebaseToken JWT:
//Download certificates from google
HttpClient client = new HttpClient();
var jsonResult = client.GetStringAsync("https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com").Result;
//Convert JSON Result
var x509Metadata = JObject.Parse(jsonResult)
.Children()
.Cast<JProperty>()
.Select(i => new x509Metadata(i.Path, i.Value.ToString()));
//Extract IssuerSigningKeys
var issuerSigningKeys = x509Metadata.Select(s => s.X509SecurityKey);
//Setup JwtTokenHandler
var handler = new JwtSecurityTokenHandler();
SecurityToken token;
handler.ValidateToken(user.FirebaseToken, new TokenValidationParameters
{
IssuerSigningKeys = issuerSigningKeys,
ValidAudience = "myApp",
ValidIssuer = "https://securetoken.google.com/myApp",
IssuerSigningKeyResolver = (arbitrarily, declaring, these, parameters) => issuerSigningKeys
}, out token);
public class x509Metadata
{
public string KID { get; set; }
public string Certificate { get; set; }
public X509SecurityKey X509SecurityKey { get; set; }
public x509Metadata(string kid, string certificate)
{
KID = kid;
Certificate = certificate;
X509SecurityKey = BuildSecurityKey(Certificate);
}
private X509SecurityKey BuildSecurityKey(string certificate)
{
//Remove : -----BEGIN CERTIFICATE----- & -----END CERTIFICATE-----
var lines = certificate.Split('\n');
var selectedLines = lines.Skip(1).Take(lines.Length - 3);
var key = string.Join(Environment.NewLine, selectedLines);
return new X509SecurityKey(new X509Certificate2(Convert.FromBase64String(key)));
}
}
//Download certificates from google
HttpClient client = new HttpClient();
var jsonResult = client.GetStringAsync("https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com").Result;
//Convert JSON Result
var x509Metadata = JObject.Parse(jsonResult)
.Children()
.Cast<JProperty>()
.Select(i => new x509Metadata(i.Path, i.Value.ToString()));
//Extract IssuerSigningKeys
var issuerSigningKeys = x509Metadata.Select(s => s.X509SecurityKey);
//Setup JwtTokenHandler
var handler = new JwtSecurityTokenHandler();
SecurityToken token;
handler.ValidateToken(user.FirebaseToken, new TokenValidationParameters
{
IssuerSigningKeys = issuerSigningKeys,
ValidAudience = "myApp",
ValidIssuer = "https://securetoken.google.com/myApp",
IssuerSigningKeyResolver = (arbitrarily, declaring, these, parameters) => issuerSigningKeys
}, out token);
public class x509Metadata
{
public string KID { get; set; }
public string Certificate { get; set; }
public X509SecurityKey X509SecurityKey { get; set; }
public x509Metadata(string kid, string certificate)
{
KID = kid;
Certificate = certificate;
X509SecurityKey = BuildSecurityKey(Certificate);
}
private X509SecurityKey BuildSecurityKey(string certificate)
{
//Remove : -----BEGIN CERTIFICATE----- & -----END CERTIFICATE-----
var lines = certificate.Split('\n');
var selectedLines = lines.Skip(1).Take(lines.Length - 3);
var key = string.Join(Environment.NewLine, selectedLines);
return new X509SecurityKey(new X509Certificate2(Convert.FromBase64String(key)));
}
}