theme: condensed-night-purple
安装依赖
Microsoft.IdentityModel.Token.JWT
生成Jwt
``` using Microsoft.IdentityModel.Tokens; using System.IdentityModel.Tokens.Jwt; using System.Security.Claims; using System.Text;
List claims = new List ();
claims.Add(new Claim("Passport", "123")); claims.Add(new Claim("QQ", "666")); claims.Add(new Claim("UserId", "888")); claims.Add(new Claim(ClaimTypes.Name, "zhansan")); claims.Add(new Claim(ClaimTypes.Role, "admin")); claims.Add(new Claim(ClaimTypes.Role, "maneger"));
string key = "mykey123#$$(mykey123#$$(mykey123#$$(mykey123#$$("; DateTime expire = DateTime.Now.AddDays(1);
byte[] bytes = Encoding.UTF8.GetBytes(key); SymmetricSecurityKey secKey = new SymmetricSecurityKey(bytes); SigningCredentials credentials = new(secKey, SecurityAlgorithms.HmacSha256Signature); JwtSecurityToken tokenDescriptor = new JwtSecurityToken(claims: claims, expires: expire, signingCredentials: credentials); string jwt = new JwtSecurityTokenHandler().WriteToken(tokenDescriptor);
Console.WriteLine(jwt);
```
取出JWT内容
负载中的内容是以明文形式存储的
不要把不能被客户端知道的信息放到JWT
``` using System.Text;
string jwt = "eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJQYXNzcG9ydCI6IjEyMyIsIlFRIjoiNjY2IiwiVXNlcklkIjoiODg4IiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvbmFtZSI6InpoYW5zYW4iLCJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3dzLzIwMDgvMDYvaWRlbnRpdHkvY2xhaW1zL3JvbGUiOlsiYWRtaW4iLCJtYW5lZ2VyIl0sImV4cCI6MTY5MjAxNjQzN30.N3OV8EvZD7llZokiO7l7E3iID1hBfzY1wN2gFA2Tcig"; string[] strs = jwt.Split('.');
string header = strs[0]; string payload = strs[1]; string sign = strs[2];
Console.WriteLine(JwtDecode(header)); Console.WriteLine(JwtDecode(payload)); Console.WriteLine(JwtDecode(sign));
string JwtDecode(string s) { s = s.Replace("-", "+").Replace("_", "/"); switch (s.Length % 4) { case 2: s += "=="; break; case 3: s += "="; break; } byte[] bytes = Convert.FromBase64String(s); return Encoding.UTF8.GetString(bytes); }
```
优化
JWT
原JWT:
eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJQYXNzcG9ydCI6IjEyMyIsIlFRIjoiNjY2IiwiVXNlcklkIjoiODg4IiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvbmFtZSI6InpoYW5zYW4iLCJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3dzLzIwMDgvMDYvaWRlbnRpdHkvY2xhaW1zL3JvbGUiOlsiYWRtaW4iLCJtYW5lZ2VyIl0sImV4cCI6MTY5MjAxOTYwNH0.HZgwDSI-gw2FuHjVpJqYj45wQK04KA46OLNnc9QaOPM
篡改后JWT:
eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJQYXNzcG9ydCI6IjEyMyIsIlFRIjoiNjY2IiwiVXNlcklkIjoiODg4IiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvbmFtZSI6Imxpc2kiLCJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3dzLzIwMDgvMDYvaWRlbnRpdHkvY2xhaW1zL3JvbGUiOlsiYWRtaW4iLCJtYW5lZ2VyIl0sImV4cCI6MTY5MjAxOTYzMX0.1pqp6UoRQpQo3kpErZdba9l9K--JXhWrJQ1bp3tqdVA
校验
原JWT:
篡改后JWT:
相关代码
``` using Microsoft.IdentityModel.Tokens; using System.IdentityModel.Tokens.Jwt; using System.Security.Claims; using System.Text;
string jwt = Console.ReadLine();
string secKey = "mykey123#$$(mykey123#$$(mykey123#$$(mykey123#$$("; JwtSecurityTokenHandler tokenHeader = new(); TokenValidationParameters validParam = new(); var security = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secKey)); validParam.IssuerSigningKey = security; validParam.ValidateIssuer = false; validParam.ValidateAudience = false; ClaimsPrincipal claimsPrincipal = tokenHeader.ValidateToken(jwt, validParam, out SecurityToken securityToken); foreach(var claim in claimsPrincipal.Claims) { Console.WriteLine(claim.Value); }
```