Correct use of JwtTokens in C#(在 C# 中正确使用 JwtTokens)
问题描述
我正在使用 JwtTokens 并且无法使它们正常工作.我正在使用 http://www.nuget.org/packages/System.IdentityModel.Tokens.Jwt/ 为它.我知道代码是一团糟,但只是为了展示我正在尝试做的事情.问题是我希望 JwtTokenHandler 因为生命周期而无法通过验证.
I'm playing a with JwtTokens and can't make them work properly. I'm using http://www.nuget.org/packages/System.IdentityModel.Tokens.Jwt/ for it. I know the code is a mess but is just to show what I'm trying to do. The problem is that I want the JwtTokenHandler to fail the validation because of the lifetime.
var key = "5A0AB091-3F84-4EC4-B227-0834FCD8B1B4";
var domain = "http://localhost";
var allowedAudience = "http://localhost";
var signatureAlgorithm = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256";
var digestAlgorithm = "http://www.w3.org/2001/04/xmlenc#sha256";
var issuer = "self";
var securityKey = System.Text.Encoding.Unicode.GetBytes(key);
var inMemorySymmetricSecurityKey = new InMemorySymmetricSecurityKey(securityKey);
var now = DateTime.UtcNow;
var expiry = now.AddSeconds(1);
var tokenHandler = new JwtSecurityTokenHandler();
var claimsList = new List<Claim>()
{
new Claim(ClaimTypes.Name, "user"),
new Claim(ClaimTypes.Webpage, allowedAudience),
new Claim(ClaimTypes.Uri, domain),
new Claim(ClaimTypes.Expiration,expiry.Ticks.ToString())
};
var roles = new List<string>() { "admin" };
claimsList.AddRange(roles.Select(role => new Claim(ClaimTypes.Role, role)));
var identity = new GenericIdentity("user");
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(identity, claimsList),
TokenIssuerName = issuer,
AppliesToAddress = allowedAudience,
Lifetime = new Lifetime(now, expiry),
SigningCredentials = new SigningCredentials(inMemorySymmetricSecurityKey, signatureAlgorithm, digestAlgorithm),
};
var token = tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor));
var validationParameters = new TokenValidationParameters()
{
ValidIssuer = issuer,
ValidAudience = allowedAudience,
IssuerSigningToken = new BinarySecretSecurityToken(securityKey)
};
Thread.Sleep(2000);
try
{
SecurityToken securityToken;
tokenHandler.ValidateToken(token, validationParameters, out securityToken);
Console.WriteLine("OK");
}
catch (Exception e)
{
Console.WriteLine("Error {0}", e.Message);
}
由于我等待 2 秒,这不是假设会失败吗?如果我将 ValidationTokenParameter 的颁发者更改为x",它会失败...
Isn't this suppose to fail since I'm waiting 2 seconds? It fails if I change the issuer of the ValidationTokenParameter to "x"...
推荐答案
发现问题.验证参数的默认时钟偏差为 5 分钟
Found the issue. The validation parameters have a default clock skew of 5 minutes
/// <summary>
/// Default for the clock skew.
///
/// </summary>
///
/// <remarks>
/// 300 seconds (5 minutes).
/// </remarks>
public static readonly TimeSpan DefaultClockSkew;
将其设置为 0 使这项工作.仍然不明白为什么倾斜是 5 分钟,如果我将到期时间设置在某个时间点!!!
Setting that to 0 make this work. Still don't understand why the skew is 5 minutes, if I set the expiry at some point!!!
这篇关于在 C# 中正确使用 JwtTokens的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!
本文标题为:在 C# 中正确使用 JwtTokens


基础教程推荐
- 将 XML 转换为通用列表 2022-01-01
- 将 Office 安装到 Windows 容器 (servercore:ltsc2019) 失败,错误代码为 17002 2022-01-01
- 如何激活MC67中的红灯 2022-01-01
- 有没有办法忽略 2GB 文件上传的 maxRequestLength 限制? 2022-01-01
- 为什么Flurl.Http DownloadFileAsync/Http客户端GetAsync需要 2022-09-30
- SSE 浮点算术是否可重现? 2022-01-01
- MS Visual Studio .NET 的替代品 2022-01-01
- 如何在 IDE 中获取 Xamarin Studio C# 输出? 2022-01-01
- rabbitmq 的 REST API 2022-01-01
- c# Math.Sqrt 实现 2022-01-01