如何從我的JWT令牌身份中提取信息

Question

我實現了我自己的oauth身份驗證系統並希望使用JWT令牌。 ms的實現有點令人困惑。我看到下面的散列algorithum遍佈淨

public string Protect(AuthenticationTicket data) 
    { 
     if (data == null) 
     { 
      throw new ArgumentNullException("data"); 
     } 

     string audienceId = ConfigurationManager.AppSettings["as:AudienceId"]; 

     string symmetricKeyAsBase64 = ConfigurationManager.AppSettings["as:AudienceSecret"]; 

     var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64); 

     var signingKey = new HmacSigningCredentials(keyByteArray); 

     var issued = data.Properties.IssuedUtc; 

     var expires = data.Properties.ExpiresUtc; 

     var token = new JwtSecurityToken(_issuer, audienceId, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingKey); 

     var handler = new JwtSecurityTokenHandler(); 

     var jwt = handler.WriteToken(token); 

     return jwt; 
    } 

，但似乎無法找出我怎麼能然後提取出令牌

Answer 1

你所顯示是JWT執行保護的用戶信息那不是從盒子裏出來的。這是爲了序列化&加密令牌而不是oposite。如果您已經管理過那部分（這很困難），那麼閱讀用戶聲明的JWT令牌應該很容易。這通常是由Microsoft.Owin.Security.Jwt中間件

var issuer = "http://myidentityserverurl.com" 
var audience = ConfigurationManager.AppSettings["as:AudienceId"]; 
var symmetricKey = TextEncodings.Base64Url.Decode(ConfigurationManager.AppSettings["as:AudienceSecret"]); 

// Api controllers with an [Authorize] attribute will be validated with JWT 
     app.UseJwtBearerAuthentication(
      new JwtBearerAuthenticationOptions { 
       AuthenticationMode = AuthenticationMode.Active, 
       AuthenticationType = "JWT", 
       AllowedAudiences = new string[] { audience } , 
       IssuerSecurityTokenProviders = new IIssuerSecurityTokenProvider[] 
       { 
        new SymmetricKeyIssuerSecurityTokenProvider(issuer, symmetricKey) 
       } 
      }); 

看看這個github repo和一個完整的例子一篇文章中here端到端完成。