Fatal编程技术网
  • jwt/
  • 通过JWT Web令牌丢失索赔

通过JWT Web令牌丢失索赔

jwt

通过JWT Web令牌丢失索赔,jwt,asp.net-core-webapi,Jwt,Asp.net Core Webapi,我有以下代码在webapi核心应用程序中创建JWT令牌 var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"])); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); var claims = ne

我有以下代码在webapi核心应用程序中创建JWT令牌

var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"]));
                var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);

                var claims = new[] {
                    new Claim(JwtRegisteredClaimNames.Sub, userInfo.Username!=null?userInfo.Username:string.Empty),
                    new Claim(JwtRegisteredClaimNames.Email, userInfo.Email!=null?userInfo.Email:string.Empty),
                    new Claim(JwtRegisteredClaimNames.Jti, userInfo.AccountId!=null?userInfo.AccountId.ToString():Guid.Empty.ToString()),
                    new Claim(JwtRegisteredClaimNames.NameId, userInfo.UserId!=null?userInfo.UserId.ToString():Guid.Empty.ToString()),
                    new Claim(JwtRegisteredClaimNames.UniqueName, userInfo.ClientId!=null?userInfo.ClientId.ToString():Guid.Empty.ToString())
                };

                var token = new JwtSecurityToken(_config["Jwt:Issuer"],
                  _config["Jwt:Issuer"],
                  claims,
                  null,
                  expires: DateTime.Now.AddMinutes(20),
                  signingCredentials: credentials);

                return new JwtSecurityTokenHandler().WriteToken(token);
然而,当我试图在客户端调用webapi端点后恢复声明时,我只有以下声明。正如您所看到的,“JTI”声明没有问题,但是“UniqueName”声明丢失了

[0]: {http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier: }
    [1]: {http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress: }
    [2]: {jti: f7c5af77-d0c4-4026-9b33-2fe9fbf5ee28}
    [3]: {http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier: 00000000-0000-0000-0000-000000000000}
    [4]: {http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name: b34a1b42-df24-42a3-93d7-68e88523602f}
    [5]: {exp: 1581973428}
    [6]: {iss: Test.com}
    [7]: {aud: Test.com}
我需要做什么才能让索赔出现

请注意,我设置为JwtRegisteredClaimNames.UniqueName的声明确实出现在声明中,但不在该名称下。其值在项目下设置

[4]: {http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name: b34a1b42-df24-42a3-93d7-68e88523602f}
但是,当使用以下内容时,这不会返回,因为它为空

identity.FindFirst(JwtRegisteredClaimNames.UniqueName).Value;
但是,当使用以下内容时,这不会返回,因为它为空

identity.FindFirst(JwtRegisteredClaimNames.UniqueName).Value;

identity.FindFirst(JwtRegisteredClaimNames.UniqueName).Value

要解决上述问题,可以尝试使用Startup.cs中的以下代码片段清除入站索赔类型映射


System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();


测试结果

为JwtRegisteredClaimNames.UniqueName设置测试值


//just for testing purpose

new Claim(JwtRegisteredClaimNames.UniqueName, "b34a1b42-df24-42a3-93d7-68e88523602f")


可以使用
identity.FindFirst(JwtRegisteredClaimNames.UniqueName)获取预期值。值