7

在 C# 中,我需要针对 JWKS 验证承载令牌(Json 对象表示如下所示的一组键)

{ 
   "keys":[ 
      { 
         "e":"AQAB",
         "kid":"unique key",
         "kty":"RSA",
         "n":"some value"
      }
   ]
}
4

1 回答 1

12

您可以使用 Microsoft 的 Nuget 包Microsoft.IdentityModel.TokensSystem.IdentityModel.Tokens.Jwt

使用以下代码创建令牌验证器:

private static bool ValidateToken(string token, TokenValidationParameters validationParameters)
{
    var tokenHandler = new JwtSecurityTokenHandler();
    try
    {
        tokenHandler.ValidateToken(token, validationParameters, out var validatedToken);
        return validatedToken != null;
    }
    catch (Exception)
    {
        return false;
    }
}

对于使用,您必须加载 JWKS 并为验证参数选择一个键:

var jwksJson = @"
    { 
       ""keys"":[ 
          { 
             ""e"":""AQAB"",
             ""kid"":""unique key"",
             ""kty"":""RSA"",
             ""n"":""some value""
          }
       ]
    }";

var token = "eyJhb...";
var jwks = new JsonWebKeySet(jwksJson);
var jwk = jwks.Keys.First();

var validationParameters = new TokenValidationParameters
{
    IssuerSigningKey = jwk,
    ValidAudience = "", // Your API Audience, can be disabled via ValidateAudience = false
    ValidIssuer = ""  // Your token issuer, can be disabled via ValidateIssuer = false
};

var isValid = ValidateToken(token, validationParameters);
于 2020-02-14T23:00:41.083 回答