问题描述
我正在尝试使用 JWT 向 ASP.NET Web API 验证 Node 应用程序.
I am trying to use JWT to authenticate a Node application to an ASP.NET Web API.
在 ASP.NET 中,我使用的是 .NET 4.5.1 和 nuget 包 System.IdentityModel.Tokens.Jwt
5.0.0
In ASP.NET, I am using .NET 4.5.1 and nuget package System.IdentityModel.Tokens.Jwt
5.0.0
我不明白的是,为什么命名空间在 Microsoft
和 System
之间混合.
What I don't understand is, why the namespaces are mixed between Microsoft
and System
.
例如:
var tokenReader = new JwtSecurityTokenHandler();
tokenReader.ValidateToken(token,
new TokenValidationParameters()
{
ValidateAudience = false
},
out validatedToken);
主要的JwtSecurityTokenHandler
在System.IdentityModel.Tokens.Jwt
命名空间,但TokenValidationParameters
类及其依赖在Microsoft.IdentityModel.Tokens
命名空间,并可能与 System.IdentityModel.Tokens
命名空间中的类似类发生冲突.
The main JwtSecurityTokenHandler
is in the System.IdentityModel.Tokens.Jwt
namespace, but the TokenValidationParameters
class and its dependencies are in the Microsoft.IdentityModel.Tokens
namespace, and possibly collide with similar classes in the System.IdentityModel.Tokens
namespace.
这是设计使然,还是其他地方版本不匹配的可能迹象?
Is this by design or is this a possible sign of a version mismatch somewhere else?
推荐答案
如果你看一下对
nuget System.IdentityModel.Tokens.Jwt 4.0.2
对比
nuget System.IdentityModel.Tokens.Jwt 5.0
你会看到 5.0 依赖于
you'll see that 5.0 has a dependency on
依赖关系
.NETFramework 4.5.1
.NETFramework 4.5.1
Microsoft.IdentityModel.Tokens (>=5.0.0)
Microsoft.IdentityModel.Tokens (>=5.0.0)
4.0 没有.事实上,以前的版本没有.
that 4.0 didn't have. In fact, no previous version did.
Microsoft 正在重新构建他们的框架,使其更轻量级.在 ASP.NET 大小的框架中,您将有许多功能冗余.
Microsoft is re-architect-ing their frameworks to be more light weight. In a framework the size of ASP.NET, you will have many functional redundancies.
为了使 WIF 更轻,同时保持向后兼容,我们决定从 System.IdentityModel.Tokens.Jwt
等库中删除冗余功能,不再依赖于 System.IdentityModel.令牌
,而是在 Microsoft.IdentityModel.Tokens
上.不幸的结果之一是两个层都暴露了相同的方法.
To make WIF lighter, while remaining backwards compatible, the decision was made to remove the redundant functionality from libraries like System.IdentityModel.Tokens.Jwt
no longer depend on System.IdentityModel.Tokens
, but instead on Microsoft.IdentityModel.Tokens
. One of the unfortunate results is that both layers expose the same methods.
这篇关于.NET JWT 令牌验证的命名空间:系统与 Microsoft的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!