using CommonUse;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using System.Text;
namespace API_JWT_Test
{
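public class Program
{
    /// <summary>
    /// Minimum UTF-8 length of <c>JWT:SecretKey</c>. RFC 7518 §3.2 requires an HS256 key at
    /// least as long as the hash output (256 bits); the IdentityModel signing provider is
    /// understood to reject shorter keys at token-generation time as well.
    /// </summary>
    private const int MinimumHmacKeyBytes = 32;

    /// <summary>
    /// Application entry point: registers controllers, Swagger/OpenAPI and JWT bearer
    /// authentication, copies the JWT settings into <see cref="JwtHelper"/>, then builds
    /// and runs the HTTP pipeline.
    /// </summary>
    /// <param name="args">Command-line arguments forwarded to the host builder.</param>
    /// <exception cref="InvalidOperationException">
    /// Thrown at startup when <c>JWT:SecretKey</c> is missing, blank or shorter than
    /// <see cref="MinimumHmacKeyBytes"/> bytes.
    /// </exception>
    public static void Main(string[] args)
    {
        var builder = WebApplication.CreateBuilder(args);

        // Add services to the container.
        //builder.Services.AddAuthorization();
        // Enable controllers (1): registers the controllers and their supporting services in the DI container.
        builder.Services.AddControllers();
        // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
        builder.Services.AddEndpointsApiExplorer();

        #region Read configuration
        builder.Configuration.AddJsonFile("appsettings.json", optional: false, reloadOnChange: true);
        var secretKeyString = builder.Configuration["JWT:SecretKey"];
        if (string.IsNullOrWhiteSpace(secretKeyString))
        {
            // Fail fast: a missing signing key is a deployment error, not a bad argument.
            // (ArgumentNullException's single-string constructor takes a *parameter name*,
            // so the previous throw produced a misleading "Value cannot be null" message.)
            throw new InvalidOperationException("JWT:SecretKey配置项未设置,请检查配置文件");
        }
        if (Encoding.UTF8.GetBytes(secretKeyString).Length < MinimumHmacKeyBytes)
        {
            // Checked here so a weak key is caught at startup rather than on the first token request.
            throw new InvalidOperationException(
                $"JWT:SecretKey must be at least {MinimumHmacKeyBytes} bytes (UTF-8) for HS256.");
        }
        JwtHelper.TokenParameter_Issuer = builder.Configuration["JWT:Issuer"] ?? "";
        JwtHelper.TokenParameter_Audience = builder.Configuration["JWT:Audience"] ?? "";
        JwtHelper.TokenParameter_SecretKey = secretKeyString;
        #endregion

        #region JWT
        // Register JWT bearer authentication. Every validation flag is on, so a token is only
        // accepted when its issuer, audience, lifetime and signature all match.
        builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options =>
        {
            options.TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuer = true,            // check the iss claim
                ValidateAudience = true,          // check the aud claim
                ValidateLifetime = true,          // check exp/nbf (a default clock-skew allowance applies)
                ValidateIssuerSigningKey = true,  // verify the HMAC signature with the key below
                ValidIssuer = JwtHelper.TokenParameter_Issuer,       // issuer
                ValidAudience = JwtHelper.TokenParameter_Audience,   // audience
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(JwtHelper.TokenParameter_SecretKey))
            };
        });

        // Swagger generator plus the optional "Authorize" input so tokens can be tried from the UI.
        builder.Services.AddSwaggerGen(options =>
        {
            options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
            {
                Description = "请输入token,格式为 【Bearer JWT字符串】(注意中间必须有空格)",
                Name = "Authorization",
                In = ParameterLocation.Header,
                Type = SecuritySchemeType.ApiKey,
                BearerFormat = "JWT",
                Scheme = "Bearer"
            });
            // Security requirement: every operation references the "Bearer" scheme defined above.
            options.AddSecurityRequirement(new OpenApiSecurityRequirement
            {
                {
                    new OpenApiSecurityScheme
                    {
                        Reference = new OpenApiReference
                        {
                            Type = ReferenceType.SecurityScheme,
                            Id = "Bearer"
                        }
                    },
                    Array.Empty<string>()
                }
            });
        });
        #endregion

        var app = builder.Build();

        // Configure the HTTP request pipeline.
        if (app.Environment.IsDevelopment())
        {
            app.UseSwagger();
            app.UseSwaggerUI();
        }

        // Authentication middleware: identifies the caller from the bearer token and populates
        // HttpContext.User so later authorization decisions can use it. Bearer tokens are
        // reusable credentials, so the pipeline should only be exposed over TLS.
        app.UseAuthentication();
        // Authorization middleware: decides, from HttpContext.User, whether the caller may reach the requested resource.
        app.UseAuthorization();
        // Enable Map (2): maps each controller action to an endpoint.
        app.MapControllers();

        app.Run();
    }
}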
}
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
namespace CommonUse
{
/// <summary>
/// https://jwt.io/
/// https://www.bilibili.com/video/BV1XN4y1x758/?spm_id_from=333.337.search-card.all.click&vd_source=de08aa2783692e0d4b1d0d24ef1cac94
/// </summary>
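public class JwtHelper
{
    /// <summary>
    /// Token issuer (the <c>iss</c> claim).
    /// </summary>
    public static string TokenParameter_Issuer = "Redefine";
    /// <summary>
    /// Token audience (the <c>aud</c> claim).
    /// </summary>
    public static string TokenParameter_Audience = "Redefine";
    /// <summary>
    /// Signing secret used both to sign and to verify tokens; must be kept confidential.
    /// </summary>
    public static string TokenParameter_SecretKey = "";
    /// <summary>
    /// Access-token lifetime in minutes.
    /// </summary>
    public static int TokenParameter_AccessExpiration = 30;

    /// <summary>
    /// Generates a signed JWT. The token has three dot-separated parts: the header and payload
    /// are Base64url-encoded and readable by anyone, while the third part is an HMAC-SHA256
    /// signature over the first two computed with <see cref="TokenParameter_SecretKey"/>, so a
    /// verifier holding the secret can detect tampering.
    /// </summary>
    /// <param name="userInfo">User whose <see cref="User.UserName"/> becomes the name claim.</param>
    /// <returns>The compact-serialized token string.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="userInfo"/> is null.</exception>
    public static string GenerateJsonWebToken(User userInfo)
    {
        ArgumentNullException.ThrowIfNull(userInfo);

        var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(TokenParameter_SecretKey));
        var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);

        var claimsIdentity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme);
        // NOTE(review): the ID and Role claims are fixed demo values issued to every caller —
        // each token carries the super-admin role regardless of who logged in. They should be
        // taken from the authenticated account before this helper is used outside a demo.
        claimsIdentity.AddClaim(new Claim("ID", "1001"));
        claimsIdentity.AddClaim(new Claim(ClaimTypes.Name, userInfo.UserName));
        claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, "超级管理员"));

        // exp is a Unix timestamp, so derive it from UTC rather than local time.
        var token = new JwtSecurityToken(
            TokenParameter_Issuer,
            TokenParameter_Audience,
            claimsIdentity.Claims,
            expires: DateTime.UtcNow.AddMinutes(TokenParameter_AccessExpiration),
            signingCredentials: credentials);
        return new JwtSecurityTokenHandler().WriteToken(token);
    }
}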
/// <summary>
/// Credential pair posted to the token endpoint and bound from the request body.
/// </summary>
public class User
{
    /// <summary>Login name; empty until set.</summary>
    public string UserName { get; set; } = string.Empty;

    /// <summary>Password exactly as submitted by the client; empty until set.</summary>
    public string UserPwd { get; set; } = string.Empty;
}
}
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using System.Security.Claims;
namespace API_JWT_Test
{
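[Authorize]
[Route("api/[controller]/[Action]")]
[ApiController]
public class TestController : ControllerBase
{
    /// <summary>
    /// Echoes the caller's "ID" claim to demonstrate that bearer authentication succeeded.
    /// Reachable only with a valid token because of the class-level <see cref="AuthorizeAttribute"/>.
    /// </summary>
    /// <returns>
    /// 200 with a dictionary of <c>Code</c> (always 1), <c>UseID</c> (the "ID" claim value,
    /// null when the token carries none) and <c>Msg</c>.
    /// </returns>
    [HttpPost]
    public ActionResult GetTestInfo()
    {
        // ClaimsPrincipal.FindFirst searches every identity on the principal and matches the
        // claim type case-insensitively; "ID" is the custom claim written by JwtHelper.
        var id = HttpContext.User.FindFirst("ID")?.Value;

        // The response keys (including "UseID") are part of the wire contract and are kept verbatim.
        Dictionary<string, object?> dic = new()
        {
            ["Code"] = 1,
            ["UseID"] = id,
            ["Msg"] = "token 认证 成功",
        };
        return Ok(dic);
    }
}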
}
using CommonUse;
using Microsoft.AspNetCore.Mvc;
namespace WebApplication1.Controllers
{
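[Route("api/[controller]/[Action]")]
[ApiController]
public class AuthController : ControllerBase
{
    /// <summary>
    /// Issues a JWT for the demo account when the posted credentials match.
    /// </summary>
    /// <param name="user">Credentials bound from the request body.</param>
    /// <returns>
    /// 200 with the token string on success; otherwise 200 with a dictionary of
    /// <c>code</c> (2) and <c>msg</c> describing the failure.
    /// </returns>
    /// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
    [HttpPost]
    public ActionResult GetToken(User user)
    {
        ArgumentNullException.ThrowIfNull(user);

        if (IsDemoCredential(user))
        {
            string token = JwtHelper.GenerateJsonWebToken(user);
            return Ok(token);
        }

        Dictionary<string, object> data = new()
        {
            ["code"] = 2,
            ["msg"] = "帐号或密码错误",
        };
        return Ok(data);
    }

    /// <summary>
    /// Checks the posted credentials against the single hard-coded demo account.
    /// The credential pair lives in source only because this is a sample; a real service
    /// looks the account up in a store and verifies a salted password hash (PBKDF2/Argon2).
    /// </summary>
    private static bool IsDemoCredential(User user)
    {
        if (user.UserName != "admin" || user.UserPwd is null)
        {
            return false;
        }

        // Constant-time comparison so the response time does not reveal how many leading
        // password bytes matched. FixedTimeEquals still returns false early on a length mismatch.
        var expected = System.Text.Encoding.UTF8.GetBytes("123456");
        var actual = System.Text.Encoding.UTF8.GetBytes(user.UserPwd);
        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(expected, actual);
    }
}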
}