问题描述

Microsoft文档仅具有以下描述:

我想知道保存JWT是否可以使您以某种方式撤消它，但是我所读到的有关JWT的每个地方都说它们是不可撤销的.存储在AuthenticationProperties中的JWT会如何处理?

I wondered if saving the JWT allows you to revoke it somehow, but every place I read about JWTs says they are irrevocable. What would you do with a JWT being stored in the AuthenticationProperties?

推荐答案

将JWT存储在AuthenticationProperties中，使您可以从应用程序中的其他位置检索它.例如，使用 GetTokenAsync 在动作内部，例如:

Storing the JWT in the AuthenticationProperties allows you to retrieve it from elsewhere within your application. For example, use GetTokenAsync inside of an action, like this:

public async Task<IActionResult> SomeAction()
{
    // using Microsoft.AspNetCore.Authentication;
    var accessToken = await HttpContext.GetTokenAsync("access_token");

    // ...
}

例如，当您要在传出请求中转发JWT时，这很有用.

This is useful if, for example, you want to forward the JWT in an outgoing request.

这篇关于ASP.NET Core 2.0+中的JwtBearerOptions.SaveToken属性的用途是什么?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！