問題描述

我正在嘗試使用包 System.IdentityModel.Tokens.Jwt 來生成令牌.我在網(wǎng)上找到了一些代碼示例，非常簡單，但后來我遇到了一個我無法弄清楚的錯誤.這是我正在使用的代碼(為簡潔起見稍作修改):

I'm trying to use package System.IdentityModel.Tokens.Jwt to generate a token. I found some code samples online, was pretty straightforward, but then I'm running into an error that I can't figure out. Here's the code I'm using (has been modified slightly for brevity):

<%@ Application Language="C#" %>
<%@ Import Namespace="System" %>
<%@ Import Namespace="System.Text" %>
<%@ Import Namespace="System.Reflection" %>
<%@ Import Namespace="System.Collections" %>
<%@ Import Namespace="System.IdentityModel.Tokens" %>
<%@ Import Namespace="System.IdentityModel.Tokens.Jwt" %>
<%@ Import Namespace="System.Security.Claims" %>
<%@ Import Namespace="System.IdentityModel.Protocols.WSTrust" %>

<script runat="server">
    public class TestClass
    {
        public static string GetJwtToken()
        {
            var tokenHandler = new JwtSecurityTokenHandler();
            var input = "anyoldrandomtext";
            var securityKey = new byte[input.Length * sizeof(char)];
            Buffer.BlockCopy(input.ToCharArray(), 0, securityKey, 0, securityKey.Length);
            var now = DateTime.UtcNow;
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new ClaimsIdentity(new[]
                {
                new Claim( ClaimTypes.UserData,
                "IsValid", ClaimValueTypes.String, "(local)" )
              }),
                TokenIssuerName = "self",
                AppliesToAddress = "https://www.mywebsite.com",
                Lifetime = new Lifetime(now, now.AddMinutes(60)),
                SigningCredentials = new SigningCredentials(new InMemorySymmetricSecurityKey(securityKey),
                  "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256",
                  "http://www.w3.org/2001/04/xmlenc#sha256"),
            };

            var token = tokenHandler.CreateToken(tokenDescriptor);
            var tokenString = tokenHandler.WriteToken(token);

            return tokenString;
        }
    }
</script>

我在第 113 行不斷收到以下錯誤 (var token = tokenHandler.CreateToken(tokenDescriptor);):

I keep getting the following error at line 113 (var token = tokenHandler.CreateToken(tokenDescriptor);):

參數(shù) 1:無法從System.IdentityModel.Tokens.SecurityTokenDescriptor"轉(zhuǎn)換為Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor"

但是我在網(wǎng)上看到很多例子都和我做的一模一樣.我也遇到了這篇文章(https://msdn.microsoft.com/en-us/library/jj157089(v=vs.110).aspx) 聲明如下:

But I've seen many examples online doing things exactly as I've done them. I also ran into this article (https://msdn.microsoft.com/en-us/library/jj157089(v=vs.110).aspx) that states the following:

在 WIF 3.5 中，所有 WIF 類都包含在Microsoft.IdentityModel 程序集(microsoft.identitymicrosoft.identitymodel.dll).在 WIF 4.5 中，WIF類已拆分為以下程序集: mscorlib(mscorlib.dll), System.IdentityModel (System.IdentityModel.dll),System.IdentityModel.Services (System.IdentityModel.Services.dll)，以及System.ServiceModel (System.ServiceModel.dll).

In WIF 3.5, all of the WIF classes were contained in the Microsoft.IdentityModel assembly (microsoft.identitymicrosoft.identitymodel.dll). In WIF 4.5, the WIF classes have been split across the following assemblies: mscorlib (mscorlib.dll), System.IdentityModel (System.IdentityModel.dll), System.IdentityModel.Services (System.IdentityModel.Services.dll), and System.ServiceModel (System.ServiceModel.dll).

WIF 3.5 類都包含在其中一個Microsoft.IdentityModel 命名空間；例如，Microsoft.IdentityModel、Microsoft.IdentityModel.Tokens、Microsoft.IdentityModel.Web 等等.在 WIF 4.5 中，WIF 類現(xiàn)在分布在 System.IdentityModel 命名空間中，System.Security.Claims 命名空間和 System.ServiceModel.Security命名空間.除了這次重組之外，一些 WIF 3.5 類已在 WIF 4.5 中刪除.

The WIF 3.5 classes were all contained in one of the Microsoft.IdentityModel namespaces; for example, Microsoft.IdentityModel, Microsoft.IdentityModel.Tokens, Microsoft.IdentityModel.Web, and so on. In WIF 4.5, the WIF classes are now spread across the System.IdentityModel namespaces, the System.Security.Claims namespace, and the System.ServiceModel.Security namespace. In addition to this reorganization, some WIF 3.5 classes have been dropped in WIF 4.5.

為了調(diào)試，我嘗試將 Microsoft.* 命名空間用于 SecurityTokenDescriptor，然后我收到另一系列錯誤，指出 TokenIssuerName、AppliesToAddress 和 Lifetime 不是該類的有效屬性.然而，當(dāng)我在線查看文檔時，似乎這些屬性確實存在于 Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor 上.然而，在我的 Visual Studio 中，當(dāng)我為該類執(zhí)行 Go to Definition 時，它們并不存在，這讓我相信我的 Visual Studio 中存在某種配置問題.在我的包管理器中，它顯示我安裝了 Microsoft.IdentityModel.Tokens v5.0.0.我還將項目更改為 .NET 框架 4.5.1，因為 JWT 庫需要它.除此之外，我不知道還能去哪里.

I tried for debugging sake to switch to use the Microsoft.* namespace for the SecurityTokenDescriptor, and then I get another series of errors saying TokenIssuerName, AppliesToAddress, and Lifetime aren't valid properties for that class. Yet when I look at the docs online, seems like those properties do exist on Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor. Yet in my Visual Studio, when I do Go to Definition for that class, they're not there, leading me to believe that there's some kind of configuration issue in my Visual Studio. In my package manager, it shows I have Microsoft.IdentityModel.Tokens v5.0.0 installed. I also changed the project to .NET framework 4.5.1 since the JWT library requires it. Beyond that, I don't know where else to look.

推薦答案

我在升級的時候遇到了類似的情況，OpenID Connect 庫之前在 Microsoft.IdentityModel.Protocol.Extensions 包(依賴于 JWT 包的 4.0.2)，但現(xiàn)在是 Microsoft.IdentityModel.Protocols.OpenIdConnect，它依賴于 Microsoft.IdentityModel.Protocols 的 2.0.0(這取決于 5.0.0 的 JWT 包).

I ran into a similar situation with the OpenID Connect library when I upgraded, which previously was in the Microsoft.IdentityModel.Protocol.Extensions package (which depended on 4.0.2 of the JWT package) but now is Microsoft.IdentityModel.Protocols.OpenIdConnect which depends on 2.0.0 of Microsoft.IdentityModel.Protocols (which depends on 5.0.0 of the JWT package).

刪除您的任何 Microsoft.IdentityModel* 和 System.IdentityModel* 包，并僅安裝最新的 (5.0.0) System.IdentityModel.Tokens.Jwt 包，依賴于 Microsoft.IdentityModel.Tokens.

Remove any of your Microsoft.IdentityModel* and System.IdentityModel* packages, and install only the latest (5.0.0) System.IdentityModel.Tokens.Jwt package which depends on Microsoft.IdentityModel.Tokens.

您需要使用這些命名空間的語句:

You'll want using statements for these namespaces:

• Microsoft.IdentityModel.Tokens(但不是 System.IdentityModel.Tokens)
• System.IdentityModel.Tokens.Jwt
• System.Security.Claims

Microsoft 已經(jīng)簡化了一些參數(shù)，使其更像您對其他平臺的 JWT 庫的期望，因此 SecurityTokenDescriptor 屬性略有不同:

Microsoft has simplified some of the parameters to be more like what you would expect from other platforms' JWT libraries, so the SecurityTokenDescriptor properties are a little different:

var tokenDescriptor = new SecurityTokenDescriptor
{
    Subject = new ClaimsIdentity(new[]
    {
        new Claim( ClaimTypes.UserData,
        "IsValid", ClaimValueTypes.String, "(local)" )
    }),
    Issuer = "self",
    Audience = "https://www.mywebsite.com",
    Expires = now.AddMinutes(60),
    SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(securityKey), SecurityAlgorithms.HmacSha256),
};

請注意，SecurityAlgorithms.HmacSha256 是HS256"的字符串常量，就像您在大多數(shù)其他庫中使用的一樣.使用上面的代碼加上您問題中的示例，您應(yīng)該能夠生成有效的 JWT.

Note that SecurityAlgorithms.HmacSha256 is a string constant for "HS256", just like you'd use in most other libraries. Using the above code plus the example in your question, you should be able to generate a valid JWT.

這篇關(guān)于嘗試使用 .NET JWT 庫生成令牌時出錯的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網(wǎng)！