新建.net core webapi项目
E:\coding\netcore>dotnet new webapi --name JwtAuthSample
创建需要用到的实体对象类
namespace JwtAuthSample.Models
{
public class JwtSettings{
//发现者
public string Issure{get;set;}
//使用者
public string Audience{get;set;}
//jwt使用的密码
public string SecretKey {get;set;} }
}
在appsettings.json 中增加映射到实体类JwtSettings的配置文件
"JwtSettings":{
"Issure":"http://localhost:5000",
"Audience":"http://localhost:5000",
"SecretKey":"123456789@byd@33311fasdfsad"
}
在StartUp.cs方法ConfigureServices中配置如下代码,用于Jwt验证
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1); services.Configure<JwtSettings>(Configuration.GetSection("JwtSettings"));
var jwtSetting = new JwtSettings();
Configuration.Bind("JwtSettings",jwtSetting); services.AddAuthentication(options=>{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(jwtOption=>{
jwtOption.TokenValidationParameters=new Microsoft.IdentityModel.Tokens.TokenValidationParameters{
ValidIssuer = jwtSetting.Issure,
ValidAudience = jwtSetting.Audience,
IssuerSigningKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(
System.Text.Encoding.UTF8.GetBytes(jwtSetting.SecretKey)
)
};
});
}
为了让受权生效,需要在Configure启用授权
接下来测试授权有没有生效
需要在要授权的类或方法上加下[Authorize]特性
通过测试器访问 http://localhost:5000/api/values/ ,会出出现401未授权错误