1. 首页
  2. 问答
  3. .net核心中的JWT授权 - 与OAuth服务器通信

.net核心中的JWT授权 - 与OAuth服务器通信

2017-09-13 114 views
0

我开始使用JWT授权构建新应用程序。我们的团队已经有用Java编写的OAuth 2服务器,所以我的目标是:使用公钥检查密钥。 但我不知道该怎么做。如果我使用.net身份,我必须使用实体框架,但我只使用Cassandra作为数据库。.net核心中的JWT授权 - 与OAuth服务器通信

如何在不使用EF的情况下实现它?你知道任何教程吗?

来源

2017-09-13 R.Prog

回答

0

有很多微软(和其他)文件可用(确保你正在查看与你正在使用的版本相关的文档!) - 谷歌搜索将很容易地找到它们,但是EF当然不是必需的见下面。

没有身份或用户信息由应用程序直接管理。相反,它将直接从JWT令牌获取所需的所有用户信息,以验证呼叫者的身份。 https://blogs.msdn.microsoft.com/webdev/2017/04/06/jwt-validation-and-authorization-in-asp-net-core/

下面是1.1版 https://github.com/williamhallatt/aspnet-core-webapi-jwt-auth-example

和相同的例子一个简单的例子为2.0 https://github.com/williamhallatt/aspnet-core-webapi-jwt-auth-example/tree/dotnecore2.0

来源

2017-09-13 09:52:23 Steveland83

0

你不需要任何ASP.NET核心的东西。一个简单的方法是:

怒江得到

System.IdentityModel.Tokens.Jwt, 
Microsoft.IdentityModel.Tokens

设置一些参数验证的软件包:

var validationParameters = new TokenValidationParameters 
{ 
    RequireExpirationTime = true, 
    ValidateLifetime = true, 
    IssuerSigningKeys = keys, // Your public keys. 
    ValidAudience = "my valid audience", 
    ValidIssuer = "my valid issuer" 
}

呼叫ValidateToken获得ClaimsPrincipal索赔和东西。 token是您的JWT字符串,例如从授权HTTP头解析。

var handler = new JwtSecurityTokenHandler(); 
handler.ValidateToken(token, validationParameters, out SecurityToken validatedToken);

从上面IdentityModel.Tokens包使用JsonWebKeySet,则可以自动地获得一个ID连接配置键:

https://github.com/IdentityModel/IdentityModel/blob/master/source/IdentityModel.Shared/Jwt/JsonWebKeySet.cs

来源

2017-09-13 10:14:06 mbnx

+0

如果我决定使用blogs.msdn.microsoft.com/webdev/2017/04/06/...如何通过发布密钥在本地实例中设置验证令牌? –

0

当我试试这个方法:https://github.com/williamhallatt/aspnet-core-webapi-jwt-auth-example

我得到异常:

System.InvalidOperationException: No authentication handler is configured to handle the scheme: Automatic 
    at Microsoft.AspNetCore.Http.Authentication.Internal.DefaultAuthenticationManager.<ChallengeAsync>d__13.MoveNext() 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 
    at Microsoft.AspNetCore.Mvc.ChallengeResult.<ExecuteResultAsync>d__14.MoveNext() 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 
    at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.<InvokeResultAsync>d__30.MoveNext() 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 
    at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.<InvokeAsync>d__20.MoveNext() 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 
    at Microsoft.AspNetCore.Builder.RouterMiddleware.<Invoke>d__4.MoveNext() 
--- End of stack trace from previous location where exception was thrown --- 
    at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 
    at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 
    at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.<Invoke>d__7.MoveNext()

来源

2017-09-13 12:50:18

相关问题

 相关问题