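// Populates HttpContext.User from the claims of a bearer JWT carried in the
// Authorization header. Requests without a "Bearer " credential fall through
// with the current user left untouched; a credential that cannot be parsed is
// logged and rejected with SinoException(E100003).
//
// NOTE(review): JwtSecurityTokenHandler.ReadJwtToken only decodes the token. It
// does not verify the signature, lifetime, issuer or audience, so every claim
// placed on the principal below is caller-supplied. Unless the token has already
// been validated before this code runs (not visible here, TODO confirm), use
// JwtSecurityTokenHandler.ValidateToken with the service's
// TokenValidationParameters instead of ReadJwtToken.
var path = context.HttpContext.Request.Path.Value;
var tokenHeader = context.HttpContext.Request.Headers["Authorization"];
var strToken = tokenHeader.ToString();

const string bearerPrefix = "Bearer ";

// The scheme must be at the start of the header. The previous Contains() check
// accepted "Bearer " anywhere in the value and then cut off the first seven
// characters regardless of what they were.
if (strToken.StartsWith(bearerPrefix, System.StringComparison.Ordinal))
{
    var jwtHandler = new JwtSecurityTokenHandler();
    try
    {
        // Strip the "Bearer " prefix and decode the remaining compact JWT.
        JwtSecurityToken jwtToken = jwtHandler.ReadJwtToken(strToken.Substring(bearerPrefix.Length));

        // No authenticationType is passed, so identity.IsAuthenticated stays false;
        // code that reads the claims directly still sees them.
        var identity = new ClaimsIdentity(jwtToken.Claims);
        var principal = new ClaimsPrincipal(identity);
        context.HttpContext.User = principal;
    }
    catch
    {
        // The Authorization header is a credential: record that a bearer token was
        // rejected, but keep the token itself out of the log.
        _logger.Info(new Sino.Web.Logging.LogInfo()
        {
            Method = path,
            Argument = "Bearer [redacted]",
            Description = "鉴权失败"
        });
        throw new SinoException(ErrorCode.E100003, nameof(ErrorCode.E100003).GetCode());
    }
}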