c# - JWT Web 令牌授权验证不提供声明数据
问题描述
JWT 令牌验证给出 null 首先我生成令牌,蚂蚁尝试使用授权处理程序验证令牌,但在处理要求异步函数中,所有声明都为空。我在其中生成令牌
[Route("GenrateToken")]
[HttpPost]
public async Task<string> GenerateJSONWebTokenAsync(mdlTookenRequest request )
{
var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"]));
var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
List<Claim> _claim = new List<Claim>();
_claim.Add(new Claim("_CustomerId", request.CustomerId.ToString()));
_claim.Add(new Claim("_UserId", request.UserId.ToString()));
_claim.Add(new Claim("_CustomerType", ((int)request.customerType).ToString()));
_claim.Add(new Claim("_Name", request.Name ??""));
var token = new JwtSecurityToken(_config["Jwt:Issuer"],
_config["Jwt:audience"],
_claim,
expires: DateTime.Now.AddHours(Convert.ToInt32(_config["Jwt:tokenExpireinhour"])),
signingCredentials: credentials);
return new JwtSecurityTokenHandler().WriteToken(token);
}
但是在验证所有声明时给出空值。
public class AccessRightRequirement : IAuthorizationRequirement
{
public enmDocumentMaster accessRight;
public AccessRightRequirement(enmDocumentMaster accessRight)
{
this.accessRight = accessRight;
}
}
public class AccessRightHandler: AuthorizationHandler<AccessRightRequirement>
{
private readonly ICurrentUsers _currentUser;
public AccessRightHandler(ICurrentUsers currentUser)
{
_currentUser = currentUser;
}
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, AccessRightRequirement requirement)
{
var data=context.User.Claims.FirstOrDefault(c => c.Type == "_UserId")?.Value;
if (data=="1")
{
context.Succeed(requirement);
}
return Task.CompletedTask;
}
}
我的启动配置是这样的。
public void ConfigureServices(IServiceCollection services)
{
services.AddHttpContextAccessor();
services.TryAddSingleton<IHttpContextAccessor, HttpContextAccessor>();
services.AddCors(options =>
{
options.AddPolicy("CorsPolicy",
builder => builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader());
});
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ValidIssuer = Configuration["Jwt:Issuer"],
ValidAudience = Configuration["Jwt:Issuer"],
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["Jwt:Key"])),
};
});
services.AddAuthorization(options =>
{
foreach (enmDocumentMaster _enm in Enum.GetValues(typeof(enmDocumentMaster)))
{
options.AddPolicy(_enm.ToString(), policy => policy.Requirements.Add(new AccessRightRequirement(_enm)));
}
});
services.AddScoped<IAuthorizationHandler, AccessRightHandler>();
services.AddDbContext<DBContext>(options => options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")), ServiceLifetime.Transient);
services.AddScoped<IAccount>(ctx => new Account(ctx.GetRequiredService<DBContext>(), ctx.GetRequiredService<IConfiguration>()));
services.AddScoped<ICurrentUsers>(ctx => new CurrentUsers( ctx.GetRequiredService<DBContext>()));
//services.AddScoped<ICurrentUsers>(ctx => new CurrentUsers(ctx.GetRequiredService<IHttpContextAccessor>(), ctx.GetRequiredService<DBContext>()));
services.AddControllers();
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo { Title = "B2BApis", Version = "v1" });
});
}
解决方案
您可以尝试使用此代码从索赔中获取用户
public int? GetUserId()
{
int? userId = null;
var identity = HttpContext.User.Identity as ClaimsIdentity;
var userIdObj = identity == null ? null :
identity.Claims.FirstOrDefault(x => x.Type == "_UserId");
if (userIdObj != null) userId = Convert.ToInt32(userIdObj.Value);
return userId;
}
推荐阅读
- powershell - 选择驱动器号更改的 USB 闪存驱动器
- jboss - 在 Solaris 11.1 环境中将 JBoss 升级到 wildfly 后出现 Hazelcast 错误
- xmpp - 使用 ejabberd 将 nick 字段添加到注册新的 xmpp 用户名
- android - 如何使用相机类旋转捕获的图像
- php - Laravel 5.6:验证错误后防止输入字段重新填充
- c# - 并行任务的意外输出
- php - 插入忽略失败并显示 auto_increment
- c# - 使用进程类从 C# 执行 python 代码
- rest - Like REST api url 端点中的参数
- r - 创建具有逻辑比较作为输入 R 的函数