直接从令牌获取 JWT 声明,ASP Net Core 2.1

Get JWT claims directly from the token, ASP Net Core 2.1(直接从令牌获取 JWT 声明,ASP Net Core 2.1)
本文介绍了直接从令牌获取 JWT 声明,ASP Net Core 2.1的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!


我正在开发一个 ASP Net Core 2.1 Web API.我已经在我的项目中成功实现了 JWT.授权的一切工作正常.


var claimIdentity = User.Identity as ClaimsIdentity;var emailClaim = claimIdentity.Claims.FirstOrDefault(x => x.Type == ClaimTypes.Email);

问题是,我不在从 ControllerBase 类继承的控制器中,所以我没有任何 User 对象或 [Authorize] 属性.


<预> <代码> eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6ImFkbWluIiwiZW1haWwiOiJhZG1pbiIsIm5iZiI6MTU2ODYzNjYxMywiZXhwIjoxNTY4NjQ3NDEzLCJpYXQiOjE1Njg2MzY2MTN9.ED9x_AOvkLQqutb09yh3Huyv0ygHp_i3Eli8WG2S9N4


  1. 我可以访问令牌.
  2. 我不在Controller类中,请求没有经过任何[Authorize]属性,所以IHttpContextAccessor也不能用.李>

如何在 ASP Net Core 2.1 中实现这一点?如果有人想看看我如何添加用户声明:

var tokenDescriptor = new SecurityTokenDescriptor{过期 = DateTime.UtcNow.AddHours(3),主题 = 新的 ClaimsIdentity(new[]{新声明(ClaimTypes.Name,电子邮件),新声明(ClaimTypes.Email、电子邮件)}),SigningCredentials = new SigningCredentials(密钥:新 SymmetricSecurityKey(密钥),算法:SecurityAlgorithms.HmacSha256Signature)};var token = tokenHandler.CreateToken(tokenDescriptor);

我位于一个派生自 IDocumentFilter(Swagger 类)的类中



 var tokenDescriptor = new SecurityTokenDescriptor{过期 = DateTime.UtcNow.AddHours(3),主题 = 新的 ClaimsIdentity(new[]{新声明(ClaimTypes.Name,user@hotmail.com"),新声明(ClaimTypes.Email,user@hotmail.com")}),SigningCredentials = new SigningCredentials(密钥:新 SymmetricSecurityKey(密钥),算法:SecurityAlgorithms.HmacSha256Signature)};var Securitytoken = new JwtSecurityTokenHandler().CreateToken(tokenDescriptor);var tokenstring = new JwtSecurityTokenHandler().WriteToken(Securitytoken);var token = new JwtSecurityTokenHandler().ReadJwtToken(tokenstring);var claim = token.Claims.First(c => c.Type == "email").Value;退货索赔;

I working on an ASP Net Core 2.1 Web API. I've implemented successfully JWT within my project. Everything with the Authorization works fine.

Normally, when I need user claims, I know I can get them like this (E.g. Email claim):

var claimsIdentity = User.Identity as ClaimsIdentity;
var emailClaim = claimsIdentity.Claims.FirstOrDefault(x => x.Type == ClaimTypes.Email);

The thing is, I am not in a controller that inherits from ControllerBase class, so I don't have any User object or [Authorize] attributes.

What I have though is the token itself.


I want to get the claims directly from the token, because:

  1. I have access to the token.
  2. I am not located in a Controller class and the request is not going through any [Authorize] attributes, so IHttpContextAccessor can't be used as well.

How can I achieve this in ASP Net Core 2.1? In case someone wants to see how I add the user claims:

var tokenDescriptor = new SecurityTokenDescriptor
    Expires = DateTime.UtcNow.AddHours(3),
    Subject = new ClaimsIdentity(new[]
        new Claim(ClaimTypes.Name, email),
        new Claim(ClaimTypes.Email, email)
    SigningCredentials = new SigningCredentials(key: new SymmetricSecurityKey(key), algorithm: SecurityAlgorithms.HmacSha256Signature)

var token = tokenHandler.CreateToken(tokenDescriptor);

I'm located in a class that derives from IDocumentFilter (Swagger class)


Here is a simple workaround:

    var tokenDescriptor = new SecurityTokenDescriptor
            Expires = DateTime.UtcNow.AddHours(3),
            Subject = new ClaimsIdentity(new[]
                new Claim(ClaimTypes.Name, "user@hotmail.com"),
                new Claim(ClaimTypes.Email, "user@hotmail.com")
            SigningCredentials = new SigningCredentials(key: new SymmetricSecurityKey(key), algorithm: SecurityAlgorithms.HmacSha256Signature)

    var Securitytoken = new JwtSecurityTokenHandler().CreateToken(tokenDescriptor);
    var tokenstring = new JwtSecurityTokenHandler().WriteToken(Securitytoken);
    var token = new JwtSecurityTokenHandler().ReadJwtToken(tokenstring);
    var claim = token.Claims.First(c => c.Type == "email").Value;
    return claim;

这篇关于直接从令牌获取 JWT 声明,ASP Net Core 2.1的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!



Custom Error Queue Name when using EasyNetQ for RabbitMQ?(使用 EasyNetQ for RabbitMQ 时自定义错误队列名称?)
How to generate password_hash for RabbitMQ Management HTTP API(如何为 RabbitMQ 管理 HTTP API 生成密码哈希)
Rabbitmq Ack or Nack, leaving messages on the queue(Rabbitmq Ack 或 Nack,将消息留在队列中)
Setup RabbitMQ consumer in ASP.NET Core application(在 ASP.NET Core 应用程序中设置 RabbitMQ 消费者)
Specify Publish timeouts in mass transit(指定公共交通中的发布超时)
RabbitMQ asynchronous support(RabbitMQ 异步支持)