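using Business.StructuredDB;
using Microsoft.IdentityModel.Tokens;
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
using Volo.Abp.Application.Services;

namespace Business.Sqe
{
    /// <summary>
    /// Issues and validates JWTs signed with a symmetric (HMAC-SHA256) key taken
    /// from <see cref="JwtOptions"/>.
    /// </summary>
    public class JwtService : ApplicationService, IJwtService
    {
        public JwtService()
        {
        }

        /// <summary>
        /// Builds a signed JWT carrying the given claims.
        /// </summary>
        /// <param name="claims">Claims placed in the token payload.</param>
        /// <param name="options">
        /// Supplies the signing key, issuer, audience and lifetime in seconds.
        /// </param>
        /// <returns>The compact serialized form of the token.</returns>
        public string BuildToken(IEnumerable<Claim> claims, JwtOptions options)
        {
            // Token lifetime.
            TimeSpan lifetime = TimeSpan.FromSeconds(options.ExpireSeconds);

            // NOTE(review): the HMAC key is the raw UTF-8 bytes of options.Key. For HS256
            // it should be a random secret of at least 256 bits (RFC 7518 section 3.2),
            // not a human-chosen password; confirm how the key is provisioned and stored.
            var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(options.Key));

            // Signing credentials: the symmetric key combined with HMAC-SHA256.
            var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);

            // Expiry is computed from UTC. Adding a duration to local time ignores
            // daylight-saving transitions and can shift the expiry by an hour.
            DateTime expiresUtc = DateTime.UtcNow.Add(lifetime);

            // Token description: issuer, audience, payload claims, expiry and signing credentials.
            var tokenDescriptor = new JwtSecurityToken(
                options.Issuer,
                options.Audience,
                claims,
                expires: expiresUtc,
                signingCredentials: credentials);

            // Serialize to the compact string form.
            return new JwtSecurityTokenHandler().WriteToken(tokenDescriptor);
        }

        /// <summary>
        /// Checks the signature of a JWT against <paramref name="options"/>' key and
        /// returns the token's issuer.
        /// </summary>
        /// <param name="token">Serialized JWT; may be null.</param>
        /// <param name="options">Supplies the key used to verify the signature.</param>
        /// <returns>
        /// The issuer claim of the token, or null when <paramref name="token"/> is null
        /// or validation fails for any reason.
        /// </returns>
        public string ValidateToken(string token, JwtOptions options)
        {
            if (token == null)
            {
                return null;
            }

            var tokenHandler = new JwtSecurityTokenHandler();

            // Built outside the try block so a missing key surfaces as an error
            // instead of being reported as an invalid token.
            byte[] keyBytes = Encoding.UTF8.GetBytes(options.Key);

            try
            {
                var parameters = new TokenValidationParameters
                {
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey = new SymmetricSecurityKey(keyBytes),

                    // NOTE(review): issuer and audience are not checked, so the issuer
                    // returned below is whatever the signer wrote. Any holder of
                    // options.Key can mint a token with an arbitrary issuer, and a token
                    // issued for another audience under the same key is accepted here.
                    // If callers treat the returned issuer as an identity, confirm that is
                    // intended; otherwise validate against options.Issuer / options.Audience.
                    ValidateIssuer = false,
                    ValidateAudience = false,

                    // No grace period on the expiry time.
                    ClockSkew = TimeSpan.Zero
                };

                tokenHandler.ValidateToken(token, parameters, out SecurityToken validatedToken);

                if (validatedToken is JwtSecurityToken jwtToken)
                {
                    return jwtToken.Issuer;
                }

                return null;
            }
            catch
            {
                // Best effort by design: every validation failure maps to null.
                // NOTE(review): the failure reason is discarded; consider logging it so
                // repeated invalid-token attempts are visible to monitoring.
                return null;
            }
        }
    }
}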