把上面网址转换好的xml复制到项目中
rsa-private-key.xml
<RSAKeyValue>
<Modulus>zfU9wLR5CY3tSz258TcXmufSqHVzcB+q81FQZewAz7cB0ZHGO2+jrePkmb5sGhmFgWNGIh2Com1nzyVcTri1kKSXIWiF5R/29SieOacRCaOlNECFkavF44AYaUfthjtRDWNjKnCXDzvK0QLp16CyUZzzROy6QVIMXsoJpQbWUREz6HU7jM3lZFxxI7Vvo68vPn0hx0H3JEUXBeUX9cVhBAX57lsNIhSFqypX49LuDM8SWrqS/sd3lJ8rg7YIPrbarym6ekrN7QG9UVhkJOoh1MqhI4qk30Nx1oqO64xQP6SnaEtkPAZRK6u4nX2r7TPqYb3LyXDWHFTC+6sd3dxaLw==</Modulus>
<Exponent>AQAB</Exponent>
<P>7JVeLMkZEX0GPiDiZTyurxZUSHNqI0ZCLhwXmPkMY4dSr042vBiOYzX60S7zEafMgbEbBJu9xR/4wpqRMyftGmZjWH9CBqKFDzhDl7/31+uLh7bVqS/iSoERX/hMVBZIaivWt93iSIG01+LqigzkKohIjAksPSrfPgCdXSD98LE=</P>
<Q>3txuEiEkGQrIFWpr9+M6gVnA4PLDM0B8o0YJCwhXDgCnoiIYxq8MAM4oz3JH1LmWPNrKgzS0aOs9Fl6xOLaJgxqJmreoC3Ma4YWti3i9cZMN1HCSx8edwpi1XRerixhRRTA7c6vnXj608+TgVyBl0vkJ+RNFDDPo4bWUztmOsN8=</Q>
<DP>K59PAgsCaEsZP5NoqyoJO5duav188Iwf38imQTqKoj9ta42MYhpVBs4JNVDm2LaL6s3xIWRmFVbT024Un84Y1elTIBo23mpRBoFlVTG8TT/NNnTr6Io/u2UZAw0RZd/F8m2q5bQv6Rahdb0Nae7+kykV11xJn+2rxA7w9R8EM8E=</DP>
<DQ>jxBkXKEHwkeokA7kRpqJGTZb2kwdQQ55tHqmHX36HJQRCMTosMr4Yp/1lM4hDI8iwegWLsorslqouW6KSATuG8pyYW7aopb+v52H/cvBmWI0c5bcswES5jQP4TXrunwe19KRp7zH5zlMAnGADo5Or3ONkmZrYd0E97gQUgVZU3M=</DQ>
<InverseQ>XNbJCBTxx8/NhlCvbSth6YmKHGQ8f8zw1XZ+5XBslbC8flkohDA5AhJEoN3WQOUB10yx+BijHQJg73ZXvxTV0+1dYOtnDmxBFotk5iTnPE2XY9O202Zr9Kl/B30OspVIUmFwCPvpM95EX2KEbFHXgxfkaXXc45PxIdcE0lfBlVU=</InverseQ>
<D>nWOF11eTD0wYRGFdUQpKzaPOhdGLb+mjV+GR0PFzBUjS6PW/SPhdWqtGrH6qWZ+bOG9GzxdCFyIILHJeggIBLhG5NFyNxbSRonNxxpj3GiimPLH54IIl7V6cSQggaW222MZUp7/2kDufF+5kCNXSry+Db+5/vx8WOPGoQSZibPubVuJ4fTqgsZ8g2rAZo/2QZOdrFbUPsJFFcorUGbMlseOu1PO4vL+MK/mj3g4T/loACZUgwD2Ivqtv2kHTBHLSzhzAIaswoL0p+pLzOA6CLAvmrc7tX3Uf7GiwXF6psN5zA9ROkVZu3Rw6AmxpKBN5Y15XWijHwqpQsuxj3NO1QQ==</D>
</RSAKeyValue>
appsettings.json中配置jwt
"jwt": {
"issuer": "http://localhost:5000",
"expiryDays": 3,
"useRsa": true,
"rsaPrivateKeyXml": "rsa-private-key.xml",
"rsaPublicKeyXml": "rsa-public-key.xml"
}
RsaExtention类
using System;
using System.Security.Cryptography;
using System.Xml;
namespace student_api_plus
{
public static class RsaExtention
{
public static void FromXmlString(this RSA rsa, string xmlString)
{
RSAParameters parameters = new RSAParameters();
XmlDocument xmlDoc = new XmlDocument();
xmlDoc.LoadXml(xmlString);
if (xmlDoc.DocumentElement.Name.Equals("RSAKeyValue"))
{
foreach (XmlNode node in xmlDoc.DocumentElement.ChildNodes)
{
switch (node.Name)
{
case "Modulus": parameters.Modulus = Convert.FromBase64String(node.InnerText); break;
case "Exponent": parameters.Exponent = Convert.FromBase64String(node.InnerText); break;
case "P": parameters.P = Convert.FromBase64String(node.InnerText); break;
case "Q": parameters.Q = Convert.FromBase64String(node.InnerText); break;
case "DP": parameters.DP = Convert.FromBase64String(node.InnerText); break;
case "DQ": parameters.DQ = Convert.FromBase64String(node.InnerText); break;
case "InverseQ": parameters.InverseQ = Convert.FromBase64String(node.InnerText); break;
case "D": parameters.D = Convert.FromBase64String(node.InnerText); break;
}
}
}
else
{
throw new Exception("Invalid XML RSA key.");
}
rsa.ImportParameters(parameters);
}
public static string ToXmlString(this RSA rsa, bool includePrivateParameters)
{
RSAParameters parameters = rsa.ExportParameters(includePrivateParameters);
if (includePrivateParameters)
{
return string.Format("<RSAKeyValue><Modulus>{0}</Modulus><Exponent>{1}</Exponent><P>{2}</P><Q>{3}</Q><DP>{4}</DP><DQ>{5}</DQ><InverseQ>{6}</InverseQ><D>{7}</D></RSAKeyValue>",
Convert.ToBase64String(parameters.Modulus),
Convert.ToBase64String(parameters.Exponent),
Convert.ToBase64String(parameters.P),
Convert.ToBase64String(parameters.Q),
Convert.ToBase64String(parameters.DP),
Convert.ToBase64String(parameters.DQ),
Convert.ToBase64String(parameters.InverseQ),
Convert.ToBase64String(parameters.D));
}
return string.Format("<RSAKeyValue><Modulus>{0}</Modulus><Exponent>{1}</Exponent></RSAKeyValue>",
Convert.ToBase64String(parameters.Modulus),
Convert.ToBase64String(parameters.Exponent));
}
}
}
在Startup.cs方法ConfigureServices中添加以下代码
//添加jwt验证
using (var rsa = RSA.Create())
{
RsaExtention.FromXmlString(rsa, File.ReadAllText(Configuration["jwt:rsaPrivateKeyXml"]));
var privateKey = new RsaSecurityKey(rsa);
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,//是否验证Issuer
ValidateAudience = false,//是否验证Audience
ValidateLifetime = false,//是否验证失效时间
ValidateIssuerSigningKey = true,//是否验证SecurityKey
ValidAudience = "student",//Audience 从配置读取 Configuration["JwtToken:Issuer"]
ValidIssuer = "student",//Issuer,这两项和前面签发jwt的设置一致
IssuerSigningKey = privateKey
};
});
}
控制器中取数据
return HttpContext.User.FindFirst("data").Value;