完善jwt
This commit is contained in:
chenchun
@@ -6,6 +6,8 @@ using System;
|
||||
using System.IO;
|
||||
using System.Text;
|
||||
using Yi.Framework.Common.Const;
|
||||
using Yi.Framework.Common.Helper;
|
||||
using Yi.Framework.Common.IOCOptions;
|
||||
|
||||
namespace Yi.Framework.WebCore.MiddlewareExtend
|
||||
{
|
||||
@@ -16,23 +18,25 @@ namespace Yi.Framework.WebCore.MiddlewareExtend
|
||||
{
|
||||
public static IServiceCollection AddJwtService(this IServiceCollection services)
|
||||
{
|
||||
services.Configure<JWTTokenOptions>(Appsettings.appConfiguration("JwtAuthorize"));
|
||||
|
||||
var jwtOptions = Appsettings.app<JWTTokenOptions>("JwtAuthorize");
|
||||
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
|
||||
.AddJwtBearer(options =>
|
||||
{
|
||||
options.TokenValidationParameters = new TokenValidationParameters
|
||||
{
|
||||
ValidateIssuer = true,//是否验证Issuer
|
||||
ValidateAudience = true,//是否验证Audience
|
||||
ValidateLifetime = true,//是否验证失效时间
|
||||
ClockSkew = TimeSpan.FromDays(1),
|
||||
.AddJwtBearer(options =>
|
||||
{
|
||||
options.TokenValidationParameters = new TokenValidationParameters
|
||||
{
|
||||
ValidateIssuer = true,//是否验证Issuer
|
||||
ValidateAudience = true,//是否验证Audience
|
||||
ValidateLifetime = true,//是否验证失效时间
|
||||
|
||||
ValidateIssuerSigningKey = true,//是否验证SecurityKey
|
||||
ValidAudience = JwtConst.Domain,//Audience
|
||||
ValidIssuer = JwtConst.Domain,//Issuer,这两项和前面签发jwt的设置一致
|
||||
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(JwtConst.SecurityKey))//拿到SecurityKey
|
||||
};
|
||||
});
|
||||
|
||||
ValidateIssuerSigningKey = true,//是否验证SecurityKey
|
||||
ValidAudience = jwtOptions.Audience,//Audience
|
||||
ValidIssuer = jwtOptions.Issuer,//Issuer,这两项和前面签发jwt的设置一致
|
||||
IssuerSigningKey = new RsaSecurityKey(RSAFileHelper.GetPublicKey())
|
||||
};
|
||||
});
|
||||
return services;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user