namespace JWTWebApi.JWT;
/// <summary>
/// Settings for issuing and validating JWTs. In this file they are bound from the
/// "JWT" configuration section and also passed to the token builder.
/// </summary>
public class JwtOptions
{
    /// <summary>
    /// Issuer of the token; used as the issuer when a token is built and as the
    /// expected issuer when a token is validated.
    /// </summary>
    public string Issuer { get; set; }

    /// <summary>
    /// Intended audience of the token; used when a token is built and as the
    /// expected audience when a token is validated.
    /// </summary>
    public string Audience { get; set; }

    /// <summary>
    /// Shared secret. Its UTF-8 bytes become the symmetric key that both signs
    /// and verifies tokens, so anyone who can read this value can mint tokens
    /// the API will accept. Keep the real value out of source control.
    /// </summary>
    public string Key { get; set; }

    /// <summary>
    /// Lifetime of an issued token, in seconds.
    /// </summary>
    public int ExpireSeconds { get; set; }
}
"JWT": {
"Issuer": "签发方",
"Audience": "接受方",
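"Key": "A86DA130-1B95-4748-B3B2-1B6AA9F2F743", // HMAC signing key (sample value); keep the real key out of source control and load it from a secret store or an environment variable
"ExpireSeconds": 6004 // lifetime of an issued token in seconds (the token expires, not the key)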
}
using System.Text;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;
using Microsoft.Extensions.Options;
namespace JWTWebApi.JWT;
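/// <summary>
/// Service-registration helpers for JWT bearer authentication.
/// </summary>
public static class JWTExtensions
{
    /// <summary>
    /// Registers JWT bearer authentication as the default scheme. Incoming tokens are
    /// checked for issuer, audience, lifetime and signature against the values bound
    /// from the "JWT" configuration section.
    /// </summary>
    /// <param name="services">Service collection to register the authentication services on.</param>
    /// <param name="configurationManager">Configuration that contains the "JWT" section.</param>
    /// <returns>The <see cref="AuthenticationBuilder"/> so further schemes can be chained.</returns>
    /// <exception cref="ArgumentNullException">
    /// <paramref name="services"/> or <paramref name="configurationManager"/> is null.
    /// </exception>
    /// <exception cref="InvalidOperationException">
    /// The "JWT" section is missing or its Key is empty.
    /// </exception>
    public static AuthenticationBuilder AddJWTAuthentication(this IServiceCollection services, IConfiguration configurationManager)
    {
        ArgumentNullException.ThrowIfNull(services);
        ArgumentNullException.ThrowIfNull(configurationManager);

        // Get<T>() yields null when the section is absent. Fail at startup with a clear
        // message instead of a NullReferenceException inside the options callback later.
        var jwtOptions = configurationManager.GetSection("JWT").Get<JwtOptions>();
        if (jwtOptions is null)
        {
            throw new InvalidOperationException("Configuration section 'JWT' is missing.");
        }

        if (string.IsNullOrWhiteSpace(jwtOptions.Key))
        {
            throw new InvalidOperationException("Configuration value 'JWT:Key' is missing or empty.");
        }

        // The same shared secret signs and verifies tokens (HMAC), so it must stay private.
        // NOTE(review): for HS256 the key should be at least 256 bits of random data; the
        // length is not enforced here so existing configurations keep working.
        var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtOptions.Key));

        return services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(bearer =>
            {
                // ClockSkew is not set, so the library default tolerance still applies
                // to the lifetime check.
                bearer.TokenValidationParameters = new()
                {
                    ValidateIssuer = true,           // reject tokens from another issuer
                    ValidateAudience = true,         // reject tokens meant for another audience
                    ValidateLifetime = true,         // reject expired tokens
                    ValidateIssuerSigningKey = true, // validate the signing key itself
                    ValidIssuer = jwtOptions.Issuer,
                    ValidAudience = jwtOptions.Audience,
                    IssuerSigningKey = signingKey
                };
            });
    }
}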
using System.Security.Claims;
namespace JWTWebApi.JWT;
/// <summary>
/// Issues JWTs for a set of claims.
/// </summary>
public interface IJwtService
{
/// <summary>
/// Builds a serialized JWT that carries the given claims.
/// </summary>
/// <param name="claims">Claims to place in the token payload.</param>
/// <param name="options">Issuer, audience, signing key and lifetime to use for the token.</param>
/// <returns>The token in its string form.</returns>
string BuildToken(IEnumerable<Claim> claims, JwtOptions options);
}
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;
namespace JWTWebApi.JWT;
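/// <summary>
/// Builds HMAC-SHA256 signed JWTs from a set of claims and <see cref="JwtOptions"/>.
/// </summary>
public class JwtService : IJwtService
{
    /// <summary>
    /// Creates a signed JWT that carries <paramref name="claims"/> and expires
    /// <see cref="JwtOptions.ExpireSeconds"/> seconds from now.
    /// </summary>
    /// <param name="claims">Claims to place in the token payload.</param>
    /// <param name="options">Issuer, audience, signing key and lifetime for the token.</param>
    /// <returns>The token in its compact string form.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="options"/> is null.</exception>
    /// <exception cref="ArgumentException">The signing key is missing or empty.</exception>
    /// <exception cref="ArgumentOutOfRangeException">The configured lifetime is not positive.</exception>
    public string BuildToken(IEnumerable<Claim> claims, JwtOptions options)
    {
        ArgumentNullException.ThrowIfNull(options);

        if (string.IsNullOrWhiteSpace(options.Key))
        {
            throw new ArgumentException("The signing key must not be empty.", nameof(options));
        }

        // A zero or negative lifetime would issue a token that is already expired.
        if (options.ExpireSeconds <= 0)
        {
            throw new ArgumentOutOfRangeException(nameof(options), options.ExpireSeconds, "ExpireSeconds must be positive.");
        }

        // Token lifetime.
        TimeSpan lifetime = TimeSpan.FromSeconds(options.ExpireSeconds);

        // Symmetric key derived from the shared secret; the same secret verifies the token.
        var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(options.Key));

        // Signing credentials: the key plus the HMAC-SHA256 algorithm.
        var credentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256Signature);

        // Use UTC for the expiry so it does not depend on the server's time zone
        // or on daylight-saving transitions.
        DateTime expiresUtc = DateTime.UtcNow.Add(lifetime);

        // Token description: issuer, audience, claims, expiry and signing credentials.
        var token = new JwtSecurityToken(
            options.Issuer,
            options.Audience,
            claims,
            expires: expiresUtc,
            signingCredentials: credentials);

        // Serialize to the string form that is handed to the client.
        return new JwtSecurityTokenHandler().WriteToken(token);
    }
}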
using Microsoft.OpenApi.Models;
using Swashbuckle.AspNetCore.SwaggerGen;
namespace JWTWebApi.JWT;
/// <summary>
/// Swagger generation helpers for the API's authentication header.
/// </summary>
public static class SwaggerGenOptionsExtensions
{
    /// <summary>
    /// Adds an "Authorization" request-header security definition to the generated
    /// Swagger document and requires it for all operations.
    /// </summary>
    /// <param name="option">Swagger generation options to extend.</param>
    public static void AddAuthenticationHeader(this SwaggerGenOptions option)
    {
        // Declared as an API-key header; the description's example shows the value
        // entered with its "Bearer " prefix.
        var headerScheme = new OpenApiSecurityScheme
        {
            Description = "Authorization header. \r\nExample:Bearer 12345ABCDE",
            Name = "Authorization",
            In = ParameterLocation.Header,
            Type = SecuritySchemeType.ApiKey,
            Scheme = "Authorization"
        };
        option.AddSecurityDefinition("Authorization", headerScheme);

        // The requirement points at the definition above through its reference id.
        var schemeReference = new OpenApiSecurityScheme
        {
            Reference = new OpenApiReference
            {
                Type = ReferenceType.SecurityScheme,
                Id = "Authorization"
            },
            Scheme = "oauth2",
            Name = "Authorization",
            In = ParameterLocation.Header,
        };

        // Empty scope list: no scopes are attached to the requirement.
        var requirement = new OpenApiSecurityRequirement()
        {
            { schemeReference, new List<string>() }
        };
        option.AddSecurityRequirement(requirement);
    }
}
#region JWT
// Token issuing service, one instance per request scope.
builder.Services.AddScoped<IJwtService, JwtService>();

// JWT bearer validation, configured from the "JWT" configuration section.
// NOTE(review): the middleware pipeline is not part of this snippet; confirm that
// app.UseAuthentication() runs before app.UseAuthorization(), otherwise tokens are
// never validated for incoming requests.
builder.Services.AddJWTAuthentication(builder.Configuration);

// Adds the Authorization header definition to the Swagger document.
builder.Services.Configure<SwaggerGenOptions>(swagger => swagger.AddAuthenticationHeader());
#endregion