
JWT ohne „kid" im Header erstellen

Ich schreibe Code, der ein JWT erzeugt und mit einem Zertifikat signiert, aber dabei wird das Attribut „kid" in den Header eingefügt, was ich nicht möchte. Wie erstellt man ein mit einem Zertifikat signiertes JWT ohne dieses Attribut? Hier ist mein Code:

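/// <summary>
/// Creates a JWT signed with RSA-SHA256, using the certificate from the current
/// user's personal store ("My") whose thumbprint equals <paramref name="thumbprint"/>.
/// </summary>
/// <param name="thumbprint">Thumbprint of the signing certificate (compared case-insensitively).</param>
/// <param name="iss">Value for the token issuer.</param>
/// <param name="sub">Value for the "sub" claim.</param>
/// <param name="aud">Value for the token audience.</param>
/// <param name="lifetime">Token lifetime in minutes, counted from the current local time.</param>
/// <returns>The serialized token string.</returns>
/// <exception cref="InvalidOperationException">
/// No certificate with the given thumbprint is in the store, or the certificate has no private key.
/// </exception>
/// <remarks>
/// Tokens produced through the descriptor path below carry a "kid" header entry
/// (see the sample output that accompanies this listing). The value looks like the
/// certificate thumbprint -- confirm against the library version in use.
/// </remarks>
public string CreateToken(string thumbprint, string iss, string sub, string aud, int lifetime)
{
    X509Certificate2 cert = null;

    var certificateStore = new X509Store(StoreName.My, StoreLocation.CurrentUser);
    var lifeDuration = new Lifetime(DateTime.Now, DateTime.Now.AddMinutes(lifetime));
    var tokenHandler = new JwtSecurityTokenHandler();

    certificateStore.Open(OpenFlags.ReadOnly);
    try
    {
        foreach (var certificate in certificateStore.Certificates)
        {
            if (certificate == null || certificate.Thumbprint == null)
            {
                continue;
            }

            // Thumbprints are hex identifiers, not linguistic text: compare ordinally so the
            // result does not depend on the culture of the calling thread.
            if (string.Equals(certificate.Thumbprint, thumbprint, StringComparison.OrdinalIgnoreCase))
            {
                cert = certificate;
                break;
            }
        }
    }
    finally
    {
        // Release the store handle on every path, including "not found" and exceptions.
        certificateStore.Close();
    }

    if (cert == null)
    {
        throw new InvalidOperationException("Certificate cannot be found!");
    }

    // Signing needs the private key; fail here with a clear message instead of deep
    // inside the token handler.
    if (!cert.HasPrivateKey)
    {
        throw new InvalidOperationException("Certificate has no private key and cannot be used for signing.");
    }

    var signingCredentials = new SigningCredentials(new X509SecurityKey(cert), SecurityAlgorithms.RsaSha256Signature);

    var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor
    {
        Issuer = iss,
        Subject = new ClaimsIdentity(new Claim[]
        {
            new Claim("sub", sub),
            // Fresh random token id per call; lets a verifier detect replays if it tracks jti.
            new Claim("jti", Guid.NewGuid().ToString())
        }),
        Audience = aud,
        Expires = lifeDuration.Expires,
        SigningCredentials = signingCredentials
    };

    Microsoft.IdentityModel.Tokens.SecurityToken token = tokenHandler.CreateToken(tokenDescriptor);

    return tokenHandler.WriteToken(token);
}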

Der obige Code erzeugt dieses Token:

{ 
"alg": "RS256", 
"kid": "B8C72D1B7A713A09372F2376094CC525A023379C", 
"typ": "JWT" 
} 
{ 
"jti": "216fcf32-d4ae-4b5a-a255-79733b2e4535", 
"exp": "1506496792", 
"iat": "1506496792", 
"iss": "issuer", 
"aud": "audience", 
"sub": "subject" 
} 

Antwort


Ich habe meine Methode wie folgt geändert, und jetzt funktioniert es gut:

/// <summary>
/// Creates a certificate-signed JWT whose header contains only "alg" and "typ",
/// i.e. without the "kid" entry.
/// </summary>
/// <param name="thumbprint">Thumbprint passed to <c>FindCertificate</c> to locate the signing certificate.</param>
/// <param name="iss">Issuer placed in the payload.</param>
/// <param name="sub">Value for the "sub" claim.</param>
/// <param name="aud">Audience placed in the payload.</param>
/// <param name="lifetime">Token lifetime in minutes, counted from the current local time.</param>
/// <returns>The serialized token string.</returns>
public string CreateToken(string thumbprint, string iss, string sub, string aud, int lifetime)
{
    var validity = new Lifetime(DateTime.Now, DateTime.Now.AddMinutes(lifetime));

    var credentials = new SigningCredentials(
        new X509SecurityKey(this.FindCertificate(thumbprint)),
        SecurityAlgorithms.RsaSha256Signature);

    // Start from the header the library builds for these credentials, then drop every
    // entry it populated and put back only the two that are wanted.
    // NOTE(review): the header entries are wiped here, so confirm on your library version
    // that the written token still ends in a non-empty signature segment.
    var header = new JwtHeader(credentials);
    header.Clear();

    // "RS256" is written by hand and must stay in step with the algorithm given to
    // SigningCredentials above; a mismatch would yield tokens that verifiers reject.
    header["alg"] = "RS256";
    header["typ"] = "JWT";

    // Without "kid" the receiver cannot pick the verification key from the header and
    // has to know it by other means -- plan key rotation accordingly.
    var claims = new List<Claim>
    {
        new Claim("sub", sub),
        new Claim("jti", Guid.NewGuid().ToString())
    };

    // Fourth argument (null) leaves the not-before value unset.
    var payload = new JwtPayload(iss, aud, claims, null, validity.Expires);

    return new JwtSecurityTokenHandler().WriteToken(new JwtSecurityToken(header, payload));
}