Etusivu Tutki Apua
Rekisteröidy Kirjaudu sisään
CDHABOOK
/
IESETL
2
0
Fork 0
Tiedostot Ongelmat 0 Pull-pyynnöt 0 Wiki
Puu: 46ffd4f2f9
Branchit Tagit
IESETL
/
CMS
/
Extension
/
Jwt
/
JwtHelper.cs

JwtHelper.cs 4.1 KB
Historia Raaka

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697 
  1. using CMS.Context;
    2. 

  2. using CMS.Extension.Jwt;
    3. 

  3. using IdentityModel;
    4. 

  4. using Microsoft.Extensions.Configuration;
    5. 

  5. using Microsoft.IdentityModel.Tokens;
    6. 

  6. using Newtonsoft.Json.Linq;
    7. 

  7. using System;
    8. 

  8. using System.Collections;
    9. 

  9. using System.Collections.Generic;
    10. 

  10. using System.IdentityModel.Tokens.Jwt;
    11. 

  11. using System.Linq;
    12. 

  12. using System.Security.Claims;
    13. 

  13. using System.Security.Cryptography;
    14. 

  14. using System.Threading.Tasks;
    15. 

  15. using TEAMModelOS.SDK.Extension.JwtAuth.Models;
    16. 

  16. using TEAMModelOS.SDK.Helper.Common.JsonHelper;
    17. 

  17. using TEAMModelOS.SDK.Helper.Security.RSACrypt;
    18. 

  18. 

  19. namespace HiTeachCE.Extension
    20. 

  20. {
    21. 

  21.     public class JwtHelper
    22. 

  22.     {
    23. 

  23.         /// <summary>
    24. 

  24.         /// 颁发JWT Token
    25. 

  25.         /// </summary>
    26. 

  26.         /// <param name="claimModel"></param>
    27. 

  27.         /// <param name="tokenModel"></param>
    28. 

  28.         /// <returns></returns>
    29. 

  29.         public static JwtResponse IssueJWT(ClaimModel claimModel)
    30. 

  30.         {
    31. 

  31.             // JwtClient jwtClient = null;
    32. 

  32.             Extension.JwtSetting setting = BaseConfigModel.Configuration.GetSection("JwtSetting").Get<Extension.JwtSetting>();
    33. 

  33.             JwtClient jwtClient = setting.JwtClient.Where(x => x.Name.Equals(claimModel.Scope)).First();
    34. 

  34.             //foreach (JwtClient client in setting.JwtClient) {
    35. 

  35.             //    if (claimModel.Scope.Equals(client.Name)) {
    36. 

  36.             //        jwtClient = client;
    37. 

  37.             //        break; 
    38. 

  38.             //    }
    39. 

  39.             //}
    40. 

  40.             List<Claim> claims = new List<Claim>();
    41. 

  41.             var dateTime = new DateTimeOffset(DateTime.UtcNow).ToUnixTimeSeconds();
    42. 

  42.             claims.AddRange(claimModel.Claims);
    43. 

  43.             claims.Add(new Claim(JwtClaimTypes.IssuedAt, dateTime + "", ClaimValueTypes.Integer64));
    44. 

  44.             claims.Add(new Claim(JwtClaimTypes.NotBefore, dateTime + "", ClaimValueTypes.Integer64));
    45. 

  45.             claims.Add(new Claim(JwtClaimTypes.Expiration, dateTime + jwtClient.Exp + "", ClaimValueTypes.Integer64));
    46. 

  46.             claims.Add(new Claim(JwtClaimTypes.Audience, setting.Audience));
    47. 

  47.             claims.Add(new Claim(JwtClaimTypes.Issuer, setting.Issuer));
    48. 

  48.             claims.Add(new Claim(JwtClaimTypes.Scope, claimModel.Scope));
    49. 

  49.             claims.Add(new Claim(JwtClaimTypes.JwtId, Guid.NewGuid().ToString()));
    50. 

  50.             //claims.AddRange(claimModel.Roles.Select(s=>new Claim(JwtClaimTypes.Role, s)));
    51. 

  51.             //claims.AddRange(claimModel.Claims.Select(s => new Claim(ClaimTypes.Role, s)));
    52. 

  52.             string path = BaseConfigModel.ContentRootPath;
    53. 

  53.             var creds = RsaHelper.GenerateSigningCredentials(path + "/private.pem");
    54. 

  54.             var jwt = new JwtSecurityToken(
    55. 

  55.                 issuer: setting.Issuer,
    56. 

  56.                 claims: claims,
    57. 

  57.                 signingCredentials: creds
    58. 

  58.                 );
    59. 

  59.             var jwtHandler = new JwtSecurityTokenHandler();
    60. 

  60.             return new JwtResponse
    61. 

  61.             {
    62. 

  62.                // Token_type = "Bearer",
    63. 

  63.                 Access_token = jwtHandler.WriteToken(jwt),
    64. 

  64.                 Scope = claimModel.Scope
    65. 

  65.             };
    66. 

  66.         }
    67. 

  67.         /// <summary>
    68. 

  68.         /// 解析jwt
    69. 

  69.         /// </summary>
    70. 

  70.         /// <param name="jwtStr"></param>
    71. 

  71.         /// <returns></returns>
    72. 

  72.         public static ClaimModel SerializeJWT(string jwtStr)
    73. 

  73.         {
    74. 

  74. 

  75.             ///https://www.cnblogs.com/JacZhu/p/6837676.html#Update2.0  刷新     用户的 Token 在过期时间之内根本无法手动设置失效,随之而来的还有重放攻击等等问题
    76. 

  76. 

  77. 

  78.             var jwtHandler = new JwtSecurityTokenHandler();
    79. 

  79.             if (string.IsNullOrEmpty(jwtStr))
    80. 

  80.             {
    81. 

  81.                 return null;
    82. 

  82.             }
    83. 

  83.             JwtSecurityToken jwtToken = jwtHandler.ReadJwtToken(jwtStr);
    84. 

  84.             jwtToken.Payload.TryGetValue(JwtClaimTypes.Role, out object role);
    85. 

  85.             ClaimModel claimModel = new ClaimModel();
    86. 

  86.             Dictionary<string, object> claimDict = new Dictionary<string, object>();
    87. 

  87.             foreach (Claim claim in jwtToken.Claims)
    88. 

  88.             {
    89. 

  89.                 claimDict.TryAdd(claim.Type, claim.Value);
    90. 

  90.             }
    91. 

  91.             claimDict[JwtClaimTypes.Role] = role;
    92. 

  92.             claimModel.Claim = claimDict;
    93. 

  93.             claimModel.Claims = jwtToken.Claims.ToList();
    94. 

  94.             return claimModel;
    95. 

  95.         }
    96. 

  96.     }
    97. 

  97. }
    98.