本文介绍了使用Jwt-Dotnet生成有效令牌的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

限时删除!!

我正在使用以下代码,该代码最初是我从 jwt-dotnet github页面上借来的

I am using the following code, which I borrowed originally from the jwt-dotnet github page

    private static string CreateToken(UserPrincipal principal)
    {
        /*
         * https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
         * http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html
         */
        var key = ConfigurationManager.AppSettings["jwt-key"];

        var claims = new Dictionary<string, string>()
        {
            {ClaimTypes.Name, "Rainbow Dash" },
            {ClaimTypes.WindowsAccountName, "RDash"}
        };

        var algorithm = new HMACSHA256Algorithm();
        var serializer = new JsonNetSerializer();
        var urlEncoder = new JwtBase64UrlEncoder();
        var encoder = new JwtEncoder(algorithm, serializer, urlEncoder);
        var token = encoder.Encode(claims, key);
        return token;
    }

上面的代码生成以下令牌:

The above code generates the following token:

因此,我跳到了 jwt.io 来测试我的令牌.有人告诉我我的签名无效.

So, I hopped over to jwt.io to test my token. I'm told I have an invalid signature.

如何给它一个有效的签名"?我不明白我的JWT缺少什么.

How do I give it a valid 'signature'? I don't understand what my JWT is missing.

推荐答案

如果将创建令牌时使用的秘密签名密钥提供给令牌,则JWT.io上的工具可以验证令牌的数字签名:

The tool over JWT.io can verify the digital signature of your token if you give it the secret signing key you used while creating a token:

通过查看您的代码,它就是您所包含的值:

And from looking at your code it's the value contained in your:

ConfigurationManager.AppSettings["jwt-key"];

只需在秘密"文本框中输入值,如果令牌的签名与JWT.io计算的签名匹配,那么您将收到一条消息,指出签名是有效的.

Just input the value inside the "secret" text box and if the signature of the token matches the one calculated by JWT.io then you'll get a message saying that the signature is valid.

这篇关于使用Jwt-Dotnet生成有效令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

1403页,肝出来的..

09-06 15:54