问题描述
我曾经引用过 Microsoft.IdentityModel.Tokens.JWT
并且一切正常.
I used to have a reference to Microsoft.IdentityModel.Tokens.JWT
and everything was working fine.
我更新为使用新的 System.IdentityModel.Tokens.Jwt
但现在似乎没有任何效果.找不到JwtSecurityTokenHandler
的ValidateToken
方法,TokenValidationParameters
没有AllowedAudience
、SigningToken
或 ValidateExpiration
属性.
I updated to use the new System.IdentityModel.Tokens.Jwt
but nothing seems to work now. It cannot find the ValidateToken
method of the JwtSecurityTokenHandler
and the TokenValidationParameters
have no AllowedAudience
, SigningToken
or ValidateExpiration
properties.
我在这里缺少什么?任何人都可以提供一个 JWT 验证的工作示例吗?
What am I missing here? Can anyone provide with a working sample of a JWT validation with this?
我的旧"代码:
private static void ValidateJwt(string jwt)
{
var handler = new JWTSecurityTokenHandler();
var validationParameters = new Microsoft.IdentityModel.Tokens.JWT.TokenValidationParameters()
{
AllowedAudience = "https://my-rp.com",
//SigningToken = new BinarySecretSecurityToken(Convert.FromBase64String(myBase64Key)),
SigningToken = new X509SecurityToken(
X509
.LocalMachine
.My
.Thumbprint
.Find("UYTUYTVV99999999999YTYYTYTY88888888", false)
.First()),
ValidIssuer = "https://my-issuer.com/trust/issuer",
ValidateExpiration = true
};
try
{
var principal = handler.ValidateToken(jwt, validationParameters);
}
catch (Exception e)
{
Console.WriteLine("{0}
{1}", e.Message, e.StackTrace);
}
Console.WriteLine();
}
推荐答案
经过大量研究和测试,我终于发现TokenValidationParameters
的一些属性名称发生了变化,JwtSecurityTokenHandler.ValidateToken()
方法签名.
After a lot of research and tests, I finally found that some properties names for TokenValidationParameters
had changed and JwtSecurityTokenHandler.ValidateToken()
method signature too.
所以这是上面代码的修改后的工作版本.
So here's the modified working version of the above code.
private static void ValidateJwt(string jwt)
{
var handler = new JwtSecurityTokenHandler();
var validationParameters = new TokenValidationParameters()
{
ValidAudience = "https://my-rp.com",
IssuerSigningTokens = new List<X509SecurityToken>() { new X509SecurityToken(
X509
.LocalMachine
.My
.Thumbprint
.Find("UYTUYTVV99999999999YTYYTYTY88888888", false)
.First()) },
ValidIssuer = "https://my-issuer.com/trust/issuer",
CertificateValidator = X509CertificateValidator.None,
RequireExpirationTime = true
};
try
{
SecurityToken validatedToken;
var principal = handler.ValidateToken(jwt, validationParameters, out validatedToken);
}
catch (Exception e)
{
Console.WriteLine("{0}
{1}", e.Message, e.StackTrace);
}
Console.WriteLine();
}
作为参考,JwtSecurityTokenHandler
位于 System.IdentityModel.Tokens
命名空间中.不要忘记为 Microsoft .Net 添加包JSON Web 令牌处理程序Framework 4.5"(我写这些行时的版本 4.0.0).
And for the reference, the JwtSecurityTokenHandler
lives in the System.IdentityModel.Tokens
namespace. Don't forget to add the package "JSON Web Token Handler For the Microsoft .Net Framework 4.5" (version 4.0.0 at the time I write theses lines).
希望它可以为你们中的一些人节省几个小时的搜索时间!
Hope it can save a few hours of search for some of you guys!
这篇关于JwtSecurityTokenHandler 和 TokenValidationParameters的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!