問題描述

我正在開發(fā)一個 ASP Net Core 2.1 Web API.我已經(jīng)在我的項目中成功實現(xiàn)了 JWT.授權(quán)的一切工作正常.

通常，當(dāng)我需要用戶聲明時，我知道我可以這樣獲得它們(例如電子郵件聲明):

var claimIdentity = User.Identity as ClaimsIdentity;var emailClaim = claimIdentity.Claims.FirstOrDefault(x => x.Type == ClaimTypes.Email);

問題是，我不在從 ControllerBase 類繼承的控制器中，所以我沒有任何 User 對象或 [Authorize] 屬性.

我擁有的是令牌本身.
例如

我想直接從令牌中獲取聲明，因為:

1. 我可以訪問令牌.
2. 我不在Controller類中，請求沒有經(jīng)過任何[Authorize]屬性，所以IHttpContextAccessor也不能用.李>

如何在 ASP Net Core 2.1 中實現(xiàn)這一點?如果有人想看看我如何添加用戶聲明:

var tokenDescriptor = new SecurityTokenDescriptor{過期 = DateTime.UtcNow.AddHours(3),主題 = 新的 ClaimsIdentity(new[]{新聲明(ClaimTypes.Name，電子郵件)，新聲明(ClaimTypes.Email、電子郵件)}),SigningCredentials = new SigningCredentials(密鑰:新 SymmetricSecurityKey(密鑰)，算法:SecurityAlgorithms.HmacSha256Signature)};var token = tokenHandler.CreateToken(tokenDescriptor);

我位于一個派生自 IDocumentFilter(Swagger 類)的類中

這是一個簡單的解決方法:

 var tokenDescriptor = new SecurityTokenDescriptor{過期 = DateTime.UtcNow.AddHours(3),主題 = 新的 ClaimsIdentity(new[]{新聲明(ClaimTypes.Name，user@hotmail.com")，新聲明(ClaimTypes.Email，user@hotmail.com")}),SigningCredentials = new SigningCredentials(密鑰:新 SymmetricSecurityKey(密鑰)，算法:SecurityAlgorithms.HmacSha256Signature)};var Securitytoken = new JwtSecurityTokenHandler().CreateToken(tokenDescriptor);var tokenstring = new JwtSecurityTokenHandler().WriteToken(Securitytoken);var token = new JwtSecurityTokenHandler().ReadJwtToken(tokenstring);var claim = token.Claims.First(c => c.Type == "email").Value;退貨索賠；

I working on an ASP Net Core 2.1 Web API. I've implemented successfully JWT within my project. Everything with the Authorization works fine.

Normally, when I need user claims, I know I can get them like this (E.g. Email claim):

var claimsIdentity = User.Identity as ClaimsIdentity;
var emailClaim = claimsIdentity.Claims.FirstOrDefault(x => x.Type == ClaimTypes.Email);

The thing is, I am not in a controller that inherits from ControllerBase class, so I don't have any User object or [Authorize] attributes.

What I have though is the token itself.
e.g.

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6ImFkbWluIiwiZW1haWwiOiJhZG1pbiIsIm5iZiI6MTU2ODYzNjYxMywiZXhwIjoxNTY4NjQ3NDEzLCJpYXQiOjE1Njg2MzY2MTN9.ED9x_AOvkLQqutb09yh3Huyv0ygHp_i3Eli8WG2S9N4

I want to get the claims directly from the token, because:

1. I have access to the token.
2. I am not located in a Controller class and the request is not going through any [Authorize] attributes, so IHttpContextAccessor can't be used as well.

How can I achieve this in ASP Net Core 2.1? In case someone wants to see how I add the user claims:

var tokenDescriptor = new SecurityTokenDescriptor
{
    Expires = DateTime.UtcNow.AddHours(3),
    Subject = new ClaimsIdentity(new[]
    {
        new Claim(ClaimTypes.Name, email),
        new Claim(ClaimTypes.Email, email)
    }),
    SigningCredentials = new SigningCredentials(key: new SymmetricSecurityKey(key), algorithm: SecurityAlgorithms.HmacSha256Signature)
};

var token = tokenHandler.CreateToken(tokenDescriptor);

I'm located in a class that derives from IDocumentFilter (Swagger class)

Here is a simple workaround:

    var tokenDescriptor = new SecurityTokenDescriptor
        {
            Expires = DateTime.UtcNow.AddHours(3),
            Subject = new ClaimsIdentity(new[]
            {
                new Claim(ClaimTypes.Name, "user@hotmail.com"),
                new Claim(ClaimTypes.Email, "user@hotmail.com")
            }),
            SigningCredentials = new SigningCredentials(key: new SymmetricSecurityKey(key), algorithm: SecurityAlgorithms.HmacSha256Signature)
        };

    var Securitytoken = new JwtSecurityTokenHandler().CreateToken(tokenDescriptor);
    var tokenstring = new JwtSecurityTokenHandler().WriteToken(Securitytoken);
    var token = new JwtSecurityTokenHandler().ReadJwtToken(tokenstring);
    var claim = token.Claims.First(c => c.Type == "email").Value;
    return claim;

這篇關(guān)于直接從令牌獲取 JWT 聲明，ASP Net Core 2.1的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網(wǎng)！