Get JWT claims directly from the token, ASP Net Core 2.1(直接从令牌获取 JWT 声明,ASP Net Core 2.1)
问题描述
我正在开发一个 ASP Net Core 2.1 Web API.我已经在我的项目中成功实现了 JWT.授权的一切工作正常.
通常,当我需要用户声明时,我知道我可以这样获得它们(例如电子邮件声明):
var claimIdentity = User.Identity as ClaimsIdentity;var emailClaim = claimIdentity.Claims.FirstOrDefault(x => x.Type == ClaimTypes.Email);问题是,我不在从 ControllerBase 类继承的控制器中,所以我没有任何 User
对象或 [Authorize]
属性.
我拥有的是令牌本身.
例如
<预> <代码> eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6ImFkbWluIiwiZW1haWwiOiJhZG1pbiIsIm5iZiI6MTU2ODYzNjYxMywiZXhwIjoxNTY4NjQ3NDEzLCJpYXQiOjE1Njg2MzY2MTN9.ED9x_AOvkLQqutb09yh3Huyv0ygHp_i3Eli8WG2S9N4
我想直接从令牌中获取声明,因为:
- 我可以访问令牌.
- 我不在Controller类中,请求没有经过任何
[Authorize]
属性,所以IHttpContextAccessor
也不能用.李>
如何在 ASP Net Core 2.1 中实现这一点?如果有人想看看我如何添加用户声明:
var tokenDescriptor = new SecurityTokenDescriptor{过期 = DateTime.UtcNow.AddHours(3),主题 = 新的 ClaimsIdentity(new[]{新声明(ClaimTypes.Name,电子邮件),新声明(ClaimTypes.Email、电子邮件)}),SigningCredentials = new SigningCredentials(密钥:新 SymmetricSecurityKey(密钥),算法:SecurityAlgorithms.HmacSha256Signature)};var token = tokenHandler.CreateToken(tokenDescriptor);
我位于一个派生自 IDocumentFilter
(Swagger 类)的类中
这是一个简单的解决方法:
var tokenDescriptor = new SecurityTokenDescriptor{过期 = DateTime.UtcNow.AddHours(3),主题 = 新的 ClaimsIdentity(new[]{新声明(ClaimTypes.Name,user@hotmail.com"),新声明(ClaimTypes.Email,user@hotmail.com")}),SigningCredentials = new SigningCredentials(密钥:新 SymmetricSecurityKey(密钥),算法:SecurityAlgorithms.HmacSha256Signature)};var Securitytoken = new JwtSecurityTokenHandler().CreateToken(tokenDescriptor);var tokenstring = new JwtSecurityTokenHandler().WriteToken(Securitytoken);var token = new JwtSecurityTokenHandler().ReadJwtToken(tokenstring);var claim = token.Claims.First(c => c.Type == "email").Value;退货索赔;
I working on an ASP Net Core 2.1 Web API. I've implemented successfully JWT within my project. Everything with the Authorization works fine.
Normally, when I need user claims, I know I can get them like this (E.g. Email claim):
var claimsIdentity = User.Identity as ClaimsIdentity;
var emailClaim = claimsIdentity.Claims.FirstOrDefault(x => x.Type == ClaimTypes.Email);
The thing is, I am not in a controller that inherits from ControllerBase
class, so I don't have any User
object or [Authorize]
attributes.
What I have though is the token itself.
e.g.
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6ImFkbWluIiwiZW1haWwiOiJhZG1pbiIsIm5iZiI6MTU2ODYzNjYxMywiZXhwIjoxNTY4NjQ3NDEzLCJpYXQiOjE1Njg2MzY2MTN9.ED9x_AOvkLQqutb09yh3Huyv0ygHp_i3Eli8WG2S9N4
I want to get the claims directly from the token, because:
- I have access to the token.
- I am not located in a Controller class and the request is not going through any
[Authorize]
attributes, soIHttpContextAccessor
can't be used as well.
How can I achieve this in ASP Net Core 2.1? In case someone wants to see how I add the user claims:
var tokenDescriptor = new SecurityTokenDescriptor
{
Expires = DateTime.UtcNow.AddHours(3),
Subject = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, email),
new Claim(ClaimTypes.Email, email)
}),
SigningCredentials = new SigningCredentials(key: new SymmetricSecurityKey(key), algorithm: SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
I'm located in a class that derives from IDocumentFilter
(Swagger class)
Here is a simple workaround:
var tokenDescriptor = new SecurityTokenDescriptor
{
Expires = DateTime.UtcNow.AddHours(3),
Subject = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, "user@hotmail.com"),
new Claim(ClaimTypes.Email, "user@hotmail.com")
}),
SigningCredentials = new SigningCredentials(key: new SymmetricSecurityKey(key), algorithm: SecurityAlgorithms.HmacSha256Signature)
};
var Securitytoken = new JwtSecurityTokenHandler().CreateToken(tokenDescriptor);
var tokenstring = new JwtSecurityTokenHandler().WriteToken(Securitytoken);
var token = new JwtSecurityTokenHandler().ReadJwtToken(tokenstring);
var claim = token.Claims.First(c => c.Type == "email").Value;
return claim;
这篇关于直接从令牌获取 JWT 声明,ASP Net Core 2.1的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!
本文标题为:直接从令牌获取 JWT 声明,ASP Net Core 2.1
基础教程推荐
- MS Visual Studio .NET 的替代品 2022-01-01
- 有没有办法忽略 2GB 文件上传的 maxRequestLength 限制? 2022-01-01
- 如何激活MC67中的红灯 2022-01-01
- 将 XML 转换为通用列表 2022-01-01
- 为什么Flurl.Http DownloadFileAsync/Http客户端GetAsync需要 2022-09-30
- 如何在 IDE 中获取 Xamarin Studio C# 输出? 2022-01-01
- rabbitmq 的 REST API 2022-01-01
- 将 Office 安装到 Windows 容器 (servercore:ltsc2019) 失败,错误代码为 17002 2022-01-01
- c# Math.Sqrt 实现 2022-01-01
- SSE 浮点算术是否可重现? 2022-01-01