asp.net core web api token验证和RestSharp访问
2017-01-25 18:43
对于asp.net core web api的验证,有多种方式,本例采用的是李争的《微软开源跨平台移动开发实践》中的token验证方式。
Asp.net core web api项目代码:
首先定义三个Token相关的类,一个Token实体类,一个TokenProvider类,一个TokenProviderOptions类
代码如下:
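// First listing from the article: the token types.
// The article shows no using directives for these classes.

/// <summary>
/// Token payload returned to the client after a successful login.
/// </summary>
public class TokenEntity
{
    /// <summary>
    /// The encoded JWT string.
    /// </summary>
    public string access_token { get; set; }

    /// <summary>
    /// Token lifetime in seconds; GenerateToken fills it from TokenProviderOptions.Expiration.
    /// </summary>
    public int expires_in { get; set; }
}

/// <summary>
/// Settings used by <see cref="TokenProvider"/> when it issues a token.
/// </summary>
public class TokenProviderOptions
{
    /// <summary>
    /// Value written to the token's issuer field.
    /// </summary>
    public string Issuer { get; set; }

    /// <summary>
    /// Value written to the token's audience field.
    /// </summary>
    public string Audience { get; set; }

    /// <summary>
    /// How long an issued token stays valid. Defaults to 30 seconds.
    /// </summary>
    public TimeSpan Expiration { get; set; } = TimeSpan.FromSeconds(30);

    /// <summary>
    /// Key and algorithm used to sign the token.
    /// </summary>
    public SigningCredentials SigningCredentials { get; set; }
}

/// <summary>
/// Issues signed JWTs from the configured <see cref="TokenProviderOptions"/>.
/// </summary>
public class TokenProvider
{
    private readonly TokenProviderOptions _options;

    public TokenProvider(TokenProviderOptions options)
    {
        _options = options;
    }

    /// <summary>
    /// Builds a signed JWT for the given user and wraps it in a <see cref="TokenEntity"/>.
    /// </summary>
    /// <param name="context">HTTP context; not read by this method.</param>
    /// <param name="username">User name; written to the sub and name claims.</param>
    /// <param name="password">Password; only checked for presence, see the review note in the body.</param>
    /// <param name="role">Role written to the role claim exactly as supplied by the caller.</param>
    /// <returns>The token and its lifetime, or null when no token is issued.</returns>
    public async Task<TokenEntity> GenerateToken(HttpContext context, string username, string password, string role)
    {
        // Refuse requests that carry no credentials at all. A null user name would
        // otherwise surface as an ArgumentNullException from GenericIdentity.
        if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
        {
            return null;
        }

        // NOTE(review): this is NOT authentication. The password is never compared
        // with a stored credential and GetIdentity accepts every user name, so any
        // non-empty user name / password pair receives a token. Verify the password
        // against the user store (salted, slow hash) before reaching this point.
        var identity = await GetIdentity(username);
        if (identity == null)
        {
            return null;
        }

        var now = DateTime.UtcNow;

        // NOTE(review): the role claim is copied from the caller's argument. The role
        // must come from the server-side user record, never from the request;
        // otherwise the [Authorize(Roles = ...)] checks downstream protect nothing.
        var claims = new Claim[]
        {
            new Claim(JwtRegisteredClaimNames.Sub, username),
            new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
            new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(now).ToString(), ClaimValueTypes.Integer64),
            new Claim(ClaimTypes.Role, role),
            new Claim(ClaimTypes.Name, username)
        };

        // The token is valid from now until now + Expiration.
        var jwt = new JwtSecurityToken(
            issuer: _options.Issuer,
            audience: _options.Audience,
            claims: claims,
            notBefore: now,
            expires: now.Add(_options.Expiration),
            signingCredentials: _options.SigningCredentials);

        // Serialize and sign the token.
        var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);

        var response = new TokenEntity
        {
            access_token = encodedJwt,
            expires_in = (int)_options.Expiration.TotalSeconds
        };
        return response;
    }

    /// <summary>
    /// Converts a date to whole seconds since 1970-01-01T00:00:00Z (rounded).
    /// </summary>
    private static long ToUnixEpochDate(DateTime date)
    {
        return (long)Math.Round((date.ToUniversalTime() - new DateTimeOffset(1970, 1, 1, 0, 0, 0, TimeSpan.Zero)).TotalSeconds);
    }

    /// <summary>
    /// Builds a <see cref="ClaimsIdentity"/> for the given user name.
    /// </summary>
    /// <param name="username">User name placed in the identity and its name claim.</param>
    /// <returns>A completed task holding the identity; as written it is never null.</returns>
    private Task<ClaimsIdentity> GetIdentity(string username)
    {
        // NOTE(review): no user store is consulted here, so every user name is
        // accepted. This is where the real account lookup belongs; return a null
        // identity for unknown users so GenerateToken refuses to issue a token.
        return Task.FromResult(
            new ClaimsIdentity(
                new System.Security.Principal.GenericIdentity(username, "token"),
                new Claim[] { new Claim(ClaimTypes.Name, username) }));
    }
}

// Second listing from the article: the controller that issues the tokens.

using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authorization;
using Microsoft.IdentityModel.Tokens;
using System.Text;
using Microsoft.Extensions.Options;

namespace WebApiAuthentication.Controllers
{
    [Route("api/v1/[controller]/[action]")]
    public class AccountController : Controller
    {
        /// <summary>
        /// Sample endpoint restricted to callers whose token carries the "admin" role.
        /// </summary>
        /// <returns>A fixed sample object plus the authenticated user's name.</returns>
        [HttpPost]
        [Authorize(Roles = "admin")]
        public JsonResult ABC()
        {
            return new JsonResult(new
            {
                Name = "张三",
                Age = 12,
                Sex = true,
                User = User.Identity.Name,
            }, new Newtonsoft.Json.JsonSerializerSettings());
        }

        /// <summary>
        /// Returns the login view.
        /// </summary>
        [AllowAnonymous]
        public IActionResult Login()
        {
            return View();
        }

        /// <summary>
        /// Login action: issues a token for the posted credentials.
        /// </summary>
        /// <param name="username">User name.</param>
        /// <param name="password">Password.</param>
        /// <param name="role">Role requested by the caller.</param>
        /// <returns>The token as JSON, or 404 when no token was issued.</returns>
        [HttpPost]
        [AllowAnonymous]
        public async Task<IActionResult> Login(string username, string password, string role)
        {
            // NOTE(review): the HMAC signing key is a literal in source. Anyone who can
            // read the source or the compiled assembly can sign tokens this API accepts.
            // Load the key from configuration or a secret store kept out of source
            // control, and use the same source wherever tokens are validated.
            var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("ThisIsASecretKeyForAspNetCoreAPIToken"));

            var options = new TokenProviderOptions
            {
                Audience = "audience",
                Issuer = "issuer",
                SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256)
            };

            // NOTE(review): role is bound from the anonymous request and passed through
            // unchanged, so the caller chooses the role that ends up in the token.
            // Resolve the role from the authenticated account instead.
            var tpm = new TokenProvider(options);
            var token = await tpm.GenerateToken(HttpContext, username, password, role);

            if (null != token)
            {
                return new JsonResult(token);
            }
            else
            {
                return NotFound();
            }
        }
    }
}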