Question

在C＃中，我需要针对JWKS（代表如下键集的Json对象）验证Bearer令牌

{ 
   "keys":[ 
      { 
         "e":"AQAB",
         "kid":"unique key",
         "kty":"RSA",
         "n":"some value"
      }
   ]
}

Answer 1

您可以使用Microsoft的Nuget软件包Microsoft.IdentityModel.Tokens和System.IdentityModel.Tokens.Jwt

完成此操作

使用以下代码创建令牌验证器：

private static bool ValidateToken(string token, TokenValidationParameters validationParameters)
{
    var tokenHandler = new JwtSecurityTokenHandler();
    try
    {
        tokenHandler.ValidateToken(token, validationParameters, out var validatedToken);
        return validatedToken != null;
    }
    catch (Exception)
    {
        return false;
    }
}

要使用，您必须加载JWKS并选择验证参数的密钥：

var jwksJson = @"
    { 
       ""keys"":[ 
          { 
             ""e"":""AQAB"",
             ""kid"":""unique key"",
             ""kty"":""RSA"",
             ""n"":""some value""
          }
       ]
    }";

var token = "eyJhb...";
var jwks = new JsonWebKeySet(jwksJson);
var jwk = jwks.Keys.First();

var validationParameters = new TokenValidationParameters
{
    IssuerSigningKey = jwk,
    ValidAudience = "", // Your API Audience, can be disabled via ValidateAudience = false
    ValidIssuer = ""  // Your token issuer, can be disabled via ValidateIssuer = false
};

var isValid = ValidateToken(token, validationParameters);

如何在Dot Net Core中使用JWKS验证JWT令牌

1 个答案: