c# 使用 jwt
基于 oauth2.0 协议,
具体原理可以参考:https://www.ruanyifeng.com/blog/2018/07/json_web_token-tutorial.html
public class JWTHelper
{
private const string salt = "123";//盐
//获得jwt令牌
public static string Create(string info)
{
Dictionary<string, string> header = new Dictionary<string, string>();
header.Add("alg", "MD5");
header.Add("typ", "JWT");
Dictionary<string, object> payload = new Dictionary<string, object>();
//JWT 官方字段
DateTime now = System.DateTime.Now;
payload.Add("exp", now.AddHours(24));//过期时间
payload.Add("nbf", now);//生效时间
payload.Add("iat", now);//签发时间
//jwt 特有字段
payload.Add("info", info);
string base64Header = Base64Url(Newtonsoft.Json.JsonConvert.SerializeObject(header));
string base64Payload = Base64Url(Newtonsoft.Json.JsonConvert.SerializeObject(payload));
string tmp = base64Header + "." + base64Payload;
string sign = Md5(tmp + salt);//加盐
return base64Header + "." + base64Payload + "." + sign;
}
//校验是否合法,是否过期
public static bool Check(string token, out string info)
{
info= "";
try
{
string[] arr = token.Split('.');
string base64Header = arr[0];
string base64Payload = arr[1];
string sign = arr[2];
var signCheck = Md5(base64Header + "." + base64Payload + salt);
if (signCheck != sign)
{
return false;
}
var dic = Newtonsoft.Json.JsonConvert.DeserializeObject<Dictionary<string, object>>(Base64UrlDecode(base64Payload));
if (Convert.ToDateTime(dic["exp"]) < System.DateTime.Now)
{
//过期了
return false;
}
info = dic["info"].ToString();
return true;
}
catch (Exception err)
{
return false;
}
}
//获得base64编码
private static string Base64Url(string input)
{
//Base64 有三个字符+、/和=,在 URL 里面有特殊含义,所以要被替换掉:=被省略、+替换成-,/替换成_ 。
string output = "";
byte[] bytes = System.Text.Encoding.UTF8.GetBytes(input);
try
{
output = Convert.ToBase64String(bytes).Replace('+', '-').Replace('/', '_').TrimEnd('=');
}
catch (Exception e)
{
throw e;
}
return output;
}
//获得base64解码
private static string Base64UrlDecode(string input)
{
string output = "";
input = input.Replace('-', '+').Replace('_', '/');
switch (input.Length % 4)
{
case 2:
input += "==";
break;
case 3:
input += "=";
break;
}
byte[] bytes = Convert.FromBase64String(input);
try
{
output = System.Text.Encoding.UTF8.GetString(bytes);
}
catch
{
output = input;
}
return output;
}
//获得md5校验码
private static string Md5(string input, int bit = 16)
{
System.Security.Cryptography.MD5CryptoServiceProvider md5Hasher = new System.Security.Cryptography.MD5CryptoServiceProvider();
byte[] hashedDataBytes;
hashedDataBytes = md5Hasher.ComputeHash(System.Text.Encoding.GetEncoding("gb2312").GetBytes(input));
System.Text.StringBuilder tmp = new System.Text.StringBuilder();
foreach (byte i in hashedDataBytes)
{
tmp.Append(i.ToString("x2"));
}
if (bit == 16)
return tmp.ToString().Substring(8, 16);
else
if (bit == 32) return tmp.ToString();//默认情况
else return string.Empty;
}
}
浙公网安备 33010602011771号