.NET Core-JWT-解密令牌? (Claims.First returns 'Sequence contains no matching element')
.NET Core - JWT - decrypt token ? (Claims.First returns 'Sequence contains no matching element')
我将我的 jwt 令牌作为不记名发送 header 以便它得到验证
现在我想解密令牌以获取用户 ID 以检查其作用和其他信息
我认为这样做的最佳位置是中间件过滤器
但是如何解密令牌?
tokenS.Claims.First returns 'Sequence contains no matching element'
public async void OnAuthorization(AuthorizationFilterContext context)
{
var req = context.HttpContext.Request;
//---------------------------------------- jwt
var stream = req.Headers[HeaderNames.Authorization];
var tokenHandler = new JwtSecurityTokenHandler();
var bearer = stream[0].Split(" ");
var jsonToken = tokenHandler.ReadToken(bearer[1]);
var tokenS = tokenHandler.ReadToken(stream) as JwtSecurityToken;
var jti = tokenS.Claims.First(claim => claim.Type == ClaimTypes.Name);
这是我在用户验证时加密令牌的方式
// authentication successful so generate jwt token
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(settings.JwtSecret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.Id.ToString())
}),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key),SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
感谢你在这方面帮助我
根据你的描述,我发现你的jwt令牌生成方法中没有任何发行者或受众,我建议你可以尝试使用下面的JWT生成代码,然后它会很好地工作。
加密方式:
public static string GetToken2() {
var key = Encoding.ASCII.GetBytes
("YourKey-2374-OFFKDI940NG7:56753253-tyuw-5769-0921-kfirox29zoxv");
//Generate Token for user
var JWToken = new JwtSecurityToken(
issuer: "http://localhost:45092/",
audience: "http://localhost:45092/",
claims: new List<Claim>
{
new Claim(ClaimTypes.Name, "Users2222" )
},
notBefore: new DateTimeOffset(DateTime.Now).DateTime,
expires: new DateTimeOffset(DateTime.Now.AddDays(1)).DateTime,
//Using HS256 Algorithm to encrypt Token
signingCredentials: new SigningCredentials
(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
);
string token = new JwtSecurityTokenHandler().WriteToken(JWToken);
return token;
}
中间件:
app.Use(async (context, next) =>
{
// you could get from token or get from session.
string token = context.Request.Headers["Authorization"];
if (!string.IsNullOrEmpty(token))
{
var tok = token.Replace("Bearer ", "");
var jwttoken = new JwtSecurityTokenHandler().ReadJwtToken(tok);
var jti = jwttoken.Claims.First(claim => claim.Type == ClaimTypes.Name);
}
await next();
});
结果:
我将我的 jwt 令牌作为不记名发送 header 以便它得到验证
现在我想解密令牌以获取用户 ID 以检查其作用和其他信息
我认为这样做的最佳位置是中间件过滤器
但是如何解密令牌?
tokenS.Claims.First returns 'Sequence contains no matching element'
public async void OnAuthorization(AuthorizationFilterContext context)
{
var req = context.HttpContext.Request;
//---------------------------------------- jwt
var stream = req.Headers[HeaderNames.Authorization];
var tokenHandler = new JwtSecurityTokenHandler();
var bearer = stream[0].Split(" ");
var jsonToken = tokenHandler.ReadToken(bearer[1]);
var tokenS = tokenHandler.ReadToken(stream) as JwtSecurityToken;
var jti = tokenS.Claims.First(claim => claim.Type == ClaimTypes.Name);
这是我在用户验证时加密令牌的方式
// authentication successful so generate jwt token
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(settings.JwtSecret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.Id.ToString())
}),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key),SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
感谢你在这方面帮助我
根据你的描述,我发现你的jwt令牌生成方法中没有任何发行者或受众,我建议你可以尝试使用下面的JWT生成代码,然后它会很好地工作。
加密方式:
public static string GetToken2() {
var key = Encoding.ASCII.GetBytes
("YourKey-2374-OFFKDI940NG7:56753253-tyuw-5769-0921-kfirox29zoxv");
//Generate Token for user
var JWToken = new JwtSecurityToken(
issuer: "http://localhost:45092/",
audience: "http://localhost:45092/",
claims: new List<Claim>
{
new Claim(ClaimTypes.Name, "Users2222" )
},
notBefore: new DateTimeOffset(DateTime.Now).DateTime,
expires: new DateTimeOffset(DateTime.Now.AddDays(1)).DateTime,
//Using HS256 Algorithm to encrypt Token
signingCredentials: new SigningCredentials
(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
);
string token = new JwtSecurityTokenHandler().WriteToken(JWToken);
return token;
}
中间件:
app.Use(async (context, next) =>
{
// you could get from token or get from session.
string token = context.Request.Headers["Authorization"];
if (!string.IsNullOrEmpty(token))
{
var tok = token.Replace("Bearer ", "");
var jwttoken = new JwtSecurityTokenHandler().ReadJwtToken(tok);
var jti = jwttoken.Claims.First(claim => claim.Type == ClaimTypes.Name);
}
await next();
});
结果: