1
我一直在使用asp.net 5 rc-1
和JWT tokens
ASP.NET 5 JWT令牌驗證在資源服務器
創建認證服務器這是我startup.cs
代碼
var key = new RsaSecurityKey(new RSACryptoServiceProvider(2048).ExportParameters(true));
TokenAuthOptions tokenOptions = new TokenAuthOptions()
{
Audience = "webappname",
Issuer = "http://webappname.com",
Key = key,
SigningCredentials = new SigningCredentials(key, SecurityAlgorithms.RsaSha512Signature)
};
app.UseJwtBearerAuthentication(options =>
{
options.TokenValidationParameters.IssuerSigningKey = tokenOptions.Key;
options.TokenValidationParameters.ValidAudience = tokenOptions.Audience;
options.TokenValidationParameters.ValidIssuer = tokenOptions.Issuer;
options.TokenValidationParameters.ValidateSignature = true;
options.TokenValidationParameters.ValidateLifetime = true;
options.TokenValidationParameters.ClockSkew = TimeSpan.FromMinutes(0);
});
並在同一項目中創建一個MVC控制器OAuthController.cs
得到令牌
[HttpGet, Route("Signin")]
public dynamic Signin(string un, string pw)
{
if (valid user)
{
DateTime? expires = DateTime.UtcNow.AddMinutes(5);
var token = GetToken(un, expires);
return new { authenticated = true, entityId = 1, token = token, tokenExpires = expires };
}
return new { authenticated = false };
}
private string GetToken(string user, DateTime? expires)
{
var handler = new JwtSecurityTokenHandler();
ClaimsIdentity identity = new ClaimsIdentity(new GenericIdentity(user, "TokenAuth"), new[] { new Claim("EntityID", "1", ClaimValueTypes.Integer) });
identity.AddClaim(new Claim(ClaimTypes.Role, "Admin2"));
var securityToken = handler.CreateToken(
issuer: _tokenOptions.Issuer,
audience: _tokenOptions.Audience,
signingCredentials: _tokenOptions.SigningCredentials,
subject: identity,
expires: expires
);
return handler.WriteToken(securityToken);
}
現在當我打電話給m帶有用戶名和密碼的ethod Signin
我收到了jwt令牌,它可以在同一個應用程序中訪問[Authorize("Bearer", Roles="Admin2")]
控制器方法。
我該如何使用相同的令牌驗證不同的應用程序?