1
我試圖實現JWT令牌驗證 但嘗試ClaimPrincipal獲取異常。無法從securityToken創建索賠,'issuer'爲空或空c#
無法創建securityToken要求,「發行人」爲空或空
我沒有得到究竟是錯在下面的代碼
public static string GenrateToken(string userId, string deviceId)
{
var time = DateTime.UtcNow;
var symmetricKey = Convert.FromBase64String(Secret);
var tokenHandler = new JwtSecurityTokenHandler();
SecurityKey securityKey = new InMemorySymmetricSecurityKey(symmetricKey);
var now = DateTime.UtcNow;
var expiry = now.AddHours(24);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new[]
{new Claim("userId", userId),new Claim("deviceId", deviceId),new Claim("time", time.ToString())}
),
Lifetime = new Lifetime(now, expiry),
SigningCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature, "")
};
var stoken = tokenHandler.CreateToken(tokenDescriptor);
var token = tokenHandler.WriteToken(stoken);
return token;
}
public static ClaimsPrincipal GetPrincipal(string token)
{
try
{
var tokenHandler = new JwtSecurityTokenHandler();
var jwtToken = tokenHandler.ReadToken(token) as JwtSecurityToken;
if (jwtToken == null)
return null;
var symmetricKey = Convert.FromBase64String(Secret);
SecurityKey securityKey = new InMemorySymmetricSecurityKey(symmetricKey);
var validationParameters = new TokenValidationParameters()
{
RequireExpirationTime = true,
ValidateIssuer = false,
ValidateAudience = false,
IssuerSigningKey = securityKey
};
SecurityToken securityToken;
var principal = tokenHandler.ValidateToken(token, validationParameters, out securityToken);
return principal;
}
catch (Exception ex)
{
//should write log
return null;
}
}