我正在处理JWT验证模块,并在JWT.io中收到无效签名错误。
我的令牌:
var claimRoles = "Admin";
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim("UserId", user.Id.ToString()),
new Claim("Roles", claimRoles)
}),
Expires = DateTime.UtcNow.AddMinutes(60),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_appSettings.JWT_Secret)), SecurityAlgorithms.HmacSha256)
};
var tokenHandler = new JwtSecurityTokenHandler();
var securityToken = tokenHandler.CreateToken(tokenDescriptor);
var token = tokenHandler.WriteToken(securityToken);
return Ok(new { token });
我的startup.cs
var key = Encoding.UTF8.GetBytes(Configuration["ApplicationSettings:JWT_Secret"]);
services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(x=> {
x.RequireHttpsMetadata = false;
x.SaveToken = false;
x.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(key),
ValidateIssuer = false,
ValidateAudience = false,
ClockSkew = TimeSpan.Zero
};
});
我的不记名令牌之一:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJVc2VySWQiOiJhNzQ3Y2U5Mi1kMjhhLTQwZGYtYjU0MS00Zjg5MjI1NmEzNzgiLCJSb2xlcyI6IkFkbWluIiwibmJmIjoxNTc0MTE2MDUwLCJleHAiOjE1NzQxMTk2NTAsImlhdCI6MTU3NDExNjA1MH0.Unxv9bQOPDYn_IAi7GLBv8eZEy1f1L1-yH-VP_c-iSU
我在做什么错了?