从WebAPI控制器获取声明 - JWT令牌
从WebAPI控制器获取声明 - JWT令牌
我已经在ASP.NET Core中构建了一个使用JWT承载认证的应用程序。在进行身份验证时,我定义了一些自定义声明,我需要在另一个WebAPI控制器中读取这些声明以执行一些操作。
有任何想法如何实现这个?
这是我的代码示例(代码已经简化):
public async TaskAuthenticateAsync([FromBody] UserModel user) { .............. var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_appSettings.Secret); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim("userSecurityKey", userDeserialized.SecurityKey.ToString()), new Claim("timeStamp",timeStamp), new Claim("verificationKey",userDeserialized.VerificationKey.ToString()) }), Expires = DateTime.UtcNow.AddDays(7), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); var tokenString = tokenHandler.WriteToken(token); ................. }
另一个控制器:(需要读取“verificationKey”声明。)
[HttpGet]
[Route("getcandidate")]
public async Task GetCandidateAsync()
{
try
{
............
var verificationKey = //TODO: 从令牌中获取verificationKey
var verificationRecord = await service.GetVerificationRecordAsync(verificationKey);
.................
}
catch (Exception)
{
return NotFound();
}
}