c# - 需要检查 jwt 令牌在 asp.net 核心中是否有效/过期
问题描述
为了生成 JWT 令牌,我使用以下代码:
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_consumerConfiguration.SecretKey);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, "ConsumerId")
}),
Expires = DateTime.Now.AddMinutes(1),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return tokenHandler.WriteToken(token);
这是我在 RegisterServices 中的代码
var appSettingsSection = configuration.GetSection("ConsumerConfiguration");
services.Configure<ConsumerConfiguration>(appSettingsSection);
var appSettings = appSettingsSection.Get<ConsumerConfiguration>();
var key = Encoding.ASCII.GetBytes(appSettings.SecretKey);
services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(x =>
{
x.RequireHttpsMetadata = false;
x.SaveToken = true;
x.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(key),
ValidateIssuer = false,
ValidateAudience = false
};
});
services.AddScoped<Microsoft.AspNetCore.Authorization.IAuthorizationHandler, ConsumerAuthorizationHandler>();
我使用它作为过滤器在应用程序中全局注册自定义授权处理程序:
var policy = new AuthorizationPolicyBuilder().RequireCustomClaim(ClaimTypes.Name).
AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme).Build();
options.Filters.Add(new AuthorizeFilter(policy));
})
这是我的自定义授权处理程序
#region constructor
public ConsumerAuthorizationHandler(IOptions<ConsumerConfiguration> consumerConfiguration)
{
_consumerConfiguration = consumerConfiguration.Value;
}
#endregion
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, CustomRequireClaim requirement)
{
if (!_consumerConfiguration.EnableAuthorizationFilter)
context.Succeed(requirement);
var hasClaim = context.User.Claims.Any(x => x.Type == requirement.ClaimType);
if (hasClaim)
{
context.Succeed(requirement);
}
return Task.CompletedTask;
}
}
public static class AuthorizationPolicyBuilderExtensions
{
public static AuthorizationPolicyBuilder RequireCustomClaim(this AuthorizationPolicyBuilder builder, string claimType)
{
return builder.AddRequirements(new CustomRequireClaim(claimType));
}
}
问题是:如何检查 JWT 是否过期?令牌似乎没有过期。我必须添加什么代码才能检查令牌是否过期?
解决方案
默认情况下,身份验证流程会为您处理此问题。它甚至在您达到授权层之前就会发生。
推荐阅读
- r - 在 tidymodels 中从 rsample 实现 loo_cv
- python - 如何检查用户输入是否严格按字母顺序排列?
- python - 如何仅迭代 Itertool 组合中的某些位置
- html - 如何应用工具提示箭头三角形阴影
- python - 从python中的特定文件夹获取文件
- java - 如何使用 RemoteViews getText().toString() 一个 TextView?
- javascript - 如何使用 fs 和 JSONStream 写入一个巨大的文件而不触发 RangeError: 超出最大调用堆栈大小
- vue.js - 在动态组件注册期间是否可以访问 VueX Getter
- nativescript - 在 nativescript-vue 中使用 Font Awesome
- php - 实现类的通用初始化