問題描述

我曾經引用過 Microsoft.IdentityModel.Tokens.JWT 并且一切正常.

I used to have a reference to Microsoft.IdentityModel.Tokens.JWT and everything was working fine.

我更新為使用新的 System.IdentityModel.Tokens.Jwt 但現在似乎沒有任何效果.找不到JwtSecurityTokenHandler的ValidateToken方法，TokenValidationParameters沒有AllowedAudience、SigningToken 或 ValidateExpiration 屬性.

I updated to use the new System.IdentityModel.Tokens.Jwt but nothing seems to work now. It cannot find the ValidateToken method of the JwtSecurityTokenHandler and the TokenValidationParameters have no AllowedAudience, SigningToken or ValidateExpiration properties.

我在這里缺少什么?任何人都可以提供一個 JWT 驗證的工作示例嗎?

What am I missing here? Can anyone provide with a working sample of a JWT validation with this?

我的舊"代碼:

private static void ValidateJwt(string jwt)
{
    var handler = new JWTSecurityTokenHandler();
    var validationParameters = new Microsoft.IdentityModel.Tokens.JWT.TokenValidationParameters()
    {
        AllowedAudience = "https://my-rp.com",
        //SigningToken = new BinarySecretSecurityToken(Convert.FromBase64String(myBase64Key)),
        SigningToken = new X509SecurityToken(
           X509
           .LocalMachine
           .My
           .Thumbprint
           .Find("UYTUYTVV99999999999YTYYTYTY88888888", false)
           .First()),
        ValidIssuer = "https://my-issuer.com/trust/issuer",
        ValidateExpiration = true
    };

    try
    {
        var principal = handler.ValidateToken(jwt, validationParameters);
    }
    catch (Exception e)
    {

        Console.WriteLine("{0}
 {1}", e.Message, e.StackTrace);
    }

    Console.WriteLine();
}

推薦答案

經過大量研究和測試，我終于發現TokenValidationParameters的一些屬性名稱發生了變化，JwtSecurityTokenHandler.ValidateToken() 方法簽名.

After a lot of research and tests, I finally found that some properties names for TokenValidationParameters had changed and JwtSecurityTokenHandler.ValidateToken() method signature too.

所以這是上面代碼的修改后的工作版本.

So here's the modified working version of the above code.

private static void ValidateJwt(string jwt)
{
    var handler = new JwtSecurityTokenHandler();   
    var validationParameters = new TokenValidationParameters()
    {
        ValidAudience = "https://my-rp.com",
        IssuerSigningTokens = new List<X509SecurityToken>() { new X509SecurityToken(
           X509
           .LocalMachine
           .My
           .Thumbprint
           .Find("UYTUYTVV99999999999YTYYTYTY88888888", false)
           .First()) },
        ValidIssuer = "https://my-issuer.com/trust/issuer",
        CertificateValidator = X509CertificateValidator.None,
        RequireExpirationTime = true
    };

    try
    {
        SecurityToken validatedToken;
        var principal = handler.ValidateToken(jwt, validationParameters, out validatedToken);
    }
    catch (Exception e)
    {

        Console.WriteLine("{0}
 {1}", e.Message, e.StackTrace);
    }

    Console.WriteLine();
}

作為參考，JwtSecurityTokenHandler 位于 System.IdentityModel.Tokens 命名空間中.不要忘記為 Microsoft .Net 添加包JSON Web 令牌處理程序Framework 4.5"(我寫這些行時的版本 4.0.0).

And for the reference, the JwtSecurityTokenHandler lives in the System.IdentityModel.Tokens namespace. Don't forget to add the package "JSON Web Token Handler For the Microsoft .Net Framework 4.5" (version 4.0.0 at the time I write theses lines).

希望它可以為你們中的一些人節省幾個小時的搜索時間！

Hope it can save a few hours of search for some of you guys!

這篇關于JwtSecurityTokenHandler 和 TokenValidationParameters的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！