using Microsoft.IdentityModel.Tokens;
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Text;
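namespace Wood.Util.JwtAuthorization
{
    /// <summary>
    /// Issues HMAC-SHA256 signed JWT access tokens together with random refresh tokens,
    /// using the settings exposed by <c>GlobalContext.JwtConfig</c>.
    /// </summary>
    public class JwtHelper
    {
        /// <summary>
        /// Creates a signed JWT access token and a fresh refresh token for the given user.
        /// </summary>
        /// <param name="info">User whose identity fields are copied into the token's claims.</param>
        /// <returns>
        /// A <c>JwtToken</c> carrying the serialized access token, the refresh token, their
        /// expiry times, the issue time, and the configured issuer and audience.
        /// </returns>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="info"/> is null, or one of its RealName/NickName/UserName values is null
        /// (the <c>Claim</c> constructor rejects null values).
        /// </exception>
        /// <exception cref="InvalidOperationException"><c>GlobalContext.JwtConfig</c> is null.</exception>
        public JwtToken CreateToken(JwtUserInfo info)
        {
            if (info is null)
            {
                throw new ArgumentNullException(nameof(info));
            }

            // Read the configuration once so every value below comes from the same snapshot,
            // and fail with a clear message instead of a NullReferenceException.
            var config = GlobalContext.JwtConfig
                ?? throw new InvalidOperationException("GlobalContext.JwtConfig is not configured.");

            // 1. Claims embedded in the token. The claim type is the property name itself
            //    (e.g. "RealName"), not a ClaimTypes.* URI.
            //    The token is signed but not encrypted: every value listed here can be read by
            //    anyone who holds the token, so keep this list limited to data that may be disclosed.
            //    The '!' operators only silence the compiler; a null value still throws
            //    ArgumentNullException from the Claim constructor.
            var claims = new[]
            {
                // The original comment associates this claim with HttpContext.User.Identity.Name.
                // NOTE(review): that mapping depends on the validation side's NameClaimType, which is not visible here.
                new Claim(nameof(info.RealName), info.RealName!),
                new Claim(nameof(info.NickName), info.NickName!),
                new Claim(nameof(info.UserName), info.UserName!),
                new Claim(nameof(info.OrgId), info.OrgId.ToString()),
                new Claim(nameof(info.UserId), info.UserId.ToString()),
                new Claim(nameof(info.AccountType), ((int)info.AccountType).ToString()),
                new Claim(nameof(info.TenantId), info.TenantId.ToString())
            };

            // 2. Symmetric signing key built from the configured secret (per the original comment,
            //    the value comes from appsettings.json).
            //    NOTE(review): anyone who knows this secret can mint valid tokens. It should be a
            //    high-entropy value of at least 32 bytes for HS256 and be supplied from a secret
            //    store or environment rather than a committed settings file - confirm how it is provisioned.
            var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(config.SecretKey!));

            // 3. Signing algorithm (HMAC-SHA256 authenticates the token; it does not encrypt it).
            var algorithm = SecurityAlgorithms.HmacSha256;

            // 4. Signing credentials.
            var signingCredentials = new SigningCredentials(secretKey, algorithm);

            // 5. Build the token. A single timestamp is captured so notBefore, the expiry times
            //    and IssuedAt are all derived from the same instant instead of separate clock reads.
            //    NOTE(review): local time is kept so the returned DateTime values keep their existing
            //    Kind; confirm whether consumers would be better served by UTC.
            var now = DateTime.Now;
            var tokenExpiresTime = now.AddMinutes(config.TokenExpire);
            var jwtSecurityToken = new JwtSecurityToken(
                config.Issuer!,       // issuer
                config.Audience!,     // audience
                claims,               // claims
                now,                  // notBefore
                tokenExpiresTime,     // expires
                signingCredentials    // signing credentials
            );

            // 6. Serialize the token to its compact string form.
            var token = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken);
            var refreshToken = GenerateRefreshToken();

            return new JwtToken()
            {
                Token = token,
                RefreshToken = refreshToken,
                TokenExpiresTime = tokenExpiresTime,
                IssuedAt = now,
                RefreshTokenExpiresTime = now.AddDays(config.RefreshTokenExpire),
                Issuer = config.Issuer!,
                Audience = config.Audience!
            };
        }

        /// <summary>
        /// Generates a refresh token: 32 bytes from the cryptographic random number generator,
        /// encoded as standard Base64.
        /// </summary>
        /// <returns>The Base64 string of the random bytes.</returns>
        private string GenerateRefreshToken()
        {
            // Standard Base64 can contain '+', '/' and '=', which need escaping if the value is
            // ever placed in a URL or cookie.
            // NOTE(review): this method only produces the value; storage, rotation and revocation
            // of refresh tokens are not visible in this file.
            var randomNumber = new byte[32];
            using var rng = RandomNumberGenerator.Create();
            rng.GetBytes(randomNumber);
            return Convert.ToBase64String(randomNumber);
        }
    }
}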