0
Ich schreibe Code, um JWT zu generieren und signieren Sie mit Zertifikat, aber es fügt kid
Attribut im Header, die ich nicht will. Wie erstellt man JWT mit Zertifikat ohne dieses Attribut? Hier ist mein Code:Erstellen Sie JWT ohne Kind in Header
public string CreateToken(string thumbprint, string iss, string sub, string aud, int lifetime)
{
X509Certificate2 cert = null;
var certificateStore = new X509Store(StoreName.My, StoreLocation.CurrentUser);
var lifeDuration = new Lifetime(DateTime.Now, DateTime.Now.AddMinutes(lifetime));
var tokenHandler = new JwtSecurityTokenHandler();
certificateStore.Open(OpenFlags.ReadOnly);
foreach (var certificate in certificateStore.Certificates)
{
if (certificate == null || certificate.Thumbprint == null)
{
continue;
}
if (string.Equals(certificate.Thumbprint, thumbprint, StringComparison.CurrentCultureIgnoreCase))
{
certificateStore.Close();
cert = certificate;
break;
}
}
if (cert == null)
{
throw new Exception("Certificate cannot be found!");
}
var signingCredentials = new SigningCredentials(new X509SecurityKey(cert), SecurityAlgorithms.RsaSha256Signature);
var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor
{
Issuer = iss,
Subject = new ClaimsIdentity(new Claim[]
{
new Claim("sub", sub),
new Claim("jti", Guid.NewGuid().ToString())
}),
Audience = aud,
Expires = lifeDuration.Expires,
SigningCredentials = signingCredentials
};
Microsoft.IdentityModel.Tokens.SecurityToken token = tokenHandler.CreateToken(tokenDescriptor);
string tokenString = tokenHandler.WriteToken(token);
return tokenString;
}
-Code oben erzeugen diese Token:
{
"alg": "RS256",
"kid": "B8C72D1B7A713A09372F2376094CC525A023379C",
"typ": "JWT"
}
{
"jti": "216fcf32-d4ae-4b5a-a255-79733b2e4535",
"exp": "1506496792",
"iat": "1506496792",
"iss": "issuer",
"aud": "audience",
"sub": "subject"
}