JWT.net 操作实践方法
1.jwt定义
jwt(json web token)是一种用于双方之间传递安全信息的简洁的、url安全的表述性声明规范。jwt作为一个开放的标准( rfc 7519 ),定义了一种简洁的,自包含的方法用于通信双方之间以json对象的形式安全的传递信息。因为数字签名的存在,这些信息是可信的,jwt可以使用hmac算法或者是rsa的公私秘钥对进行签名。
2.jwt的组成部分
(1)jwt一般由三段构成,用.号分隔开,第一段是header,第二段是payload,第三段是signature,
例如:
eyjhbgcioijiuzi1niisinr5cci6ikpxvcj9.eyjzdwiioiixmjm0nty3odkwiiwibmftzsi6ikpvag4grg9liiwiywrtaw4ionrydwv9.tjva95orm7e2cbab30rmhrhdcefxjoyzgefonfh7hgq
3.jwt.net 使用
首先,需要先引入jwt.net,可通过nuget的方式添加:install-package jwt -version 2.4.2(自己选择合适的版本)
(1)创建token,此处,我们只需要自定义payload和secrect密钥即可,可生成三段格式的字符串
var payload = new dictionary<string, object>
{
{ "claim1", 0 },
{ "claim2", "claim2-value" }
};
var secret = "gqdstcksx0nhjpouxoyg5mbej1xt0ufiwdvvvbrk";
ijwtalgorithm algorithm = new hmacsha256algorithm();
ijsonserializer serializer = new jsonnetserializer();
ibase64urlencoder urlencoder = new jwtbase64urlencoder();
ijwtencoder encoder = new jwtencoder(algorithm, serializer, urlencoder);
var token = encoder.encode(payload, secret);
console.writeline(token);
(2)token解密,可看到输出为{ "claim1": 0, "claim2": "claim2-value" },可以用json["claim1"],json["claim2"]的方式获取各个值,此处json为idictionary<string,object>类型token解密,可看到输出为{ "claim1": 0, "claim2": "claim2-value" },可以用json["claim1"],json["claim2"]的方式获取各个值,此处json为idictionary<string,object>类型
var token = "eyj0exaioijkv1qilcjhbgcioijiuzi1nij9.eyjjbgfpbteiojasimnsywltmii6imnsywltmi12ywx1zsj9.8pwbi_htxqi3ugqhq_rdrnsqrxfl1sr8fbqos-5km5s";
var secret = "gqdstcksx0nhjpouxoyg5mbej1xt0ufiwdvvvbrk";
try
{
ijsonserializer serializer = new jsonnetserializer();
idatetimeprovider provider = new utcdatetimeprovider();
ijwtvalidator validator = new jwtvalidator(serializer, provider);
ibase64urlencoder urlencoder = new jwtbase64urlencoder();
ijwtdecoder decoder = new jwtdecoder(serializer, validator, urlencoder);
var json = decoder.decode(token, secret, verify: true);
console.writeline(json);
}
catch (tokenexpiredexception)
{
console.writeline("token has expired");
}
catch (signatureverificationexception)
{
console.writeline("token has invalid signature");
}
(3)添加过期时间,过期时间即这个时间之后jwt不接受处理,时间的有效值为某一时刻和1970/1/1 00:00:00 相差的秒数
下面的例子是当前时间到1970/1/1 00:00:00 的秒数,即过期时间为当前时间。如果设置为当前时间+10秒,可添加secondssinceepoch=secondssinceepoch+10
idatetimeprovider provider = new utcdatetimeprovider();
var now = provider.getnow();
var unixepoch = new datetime(1970, 1, 1, 0, 0, 0, datetimekind.utc); // or use jwtvalidator.unixepoch
var secondssinceepoch = math.round((now - unixepoch).totalseconds);
var payload = new dictionary<string, object>
{
{ "exp", secondssinceepoch }
};
var secret = "gqdstcksx0nhjpouxoyg5mbej1xt0ufiwdvvvbrk";
var token = encoder.encode(payload, secret);
var json = decoder.decode(token, secret); // tokenexpiredexception
(4)也可自定义json解析器,只要继承ijsonserializer接口
public class customjsonserializer : ijsonserializer
{
public string serialize(object obj)
{
// implement using favorite json serializer
}
public t deserialize<t>(string json)
{
// implement using favorite json serializer
}
}
使用该解析器
ijwtalgorithm algorithm = new hmacsha256algorithm(); ijsonserializer serializer = new customjsonserializer(); ibase64urlencoder urlencoder = new jwtbase64urlencoder(); ijwtencoder encoder = new jwtencoder(algorithm, serializer, urlencoder);
以上这篇jwt.net 操作实践方法就是小编分享给大家的全部内容了,希望能给大家一个参考,也希望大家多多支持。