問題描述

我對 JwtSecurityTokens 還很陌生，我試圖了解它的不同方面，以及整個 claimsidentity 和 claimprincipal，但那是另一回事了.

我嘗試使用以下代碼在 C# 中生成令牌:

private const string SECRET_KEY = "abcdef";私有靜態(tài)只讀 SymmetricSecurityKey SIGNING_KEY = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(SECRET_KEY));公共靜態(tài)字符串 GenerateToken(string someName){var token = new JwtSecurityToken(索賠:新索賠[]{新聲明(ClaimTypes.Name，someName)，},notBefore: 新的 DateTimeOffset(DateTime.Now).DateTime,過期:新的 DateTimeOffset(DateTime.Now.AddMinutes(60)).DateTime,簽名證書:新的簽名證書(SIGNING_KEY，SecurityAlgorithms.HmacSha256));返回新的 JwtSecurityTokenHandler().WriteToken(token);}

<塊引用>

我遵循了 Youtube 上的教程，但我不確定我是否理解JwtSecurityToken 中的不同部分.另外，當(dāng)我執(zhí)行通過控制器的代碼只是為了嘗試返回一個令牌，它返回一個錯誤，說:IDX10603:解密失敗.密鑰嘗試:'[PII 被隱藏]'".

感謝任何幫助.

算法 HS256 要求 SecurityKey.KeySize 大于 128 位，而您的密鑰只有 48 位.通過添加至少還有 10 個符號.至于PII 被隱藏"部分，它是作為 GDPR 合規(guī)性工作的一部分，以隱藏日志中的任何堆棧或變量信息.您應(yīng)該啟用其他詳細信息:

IdentityModelEventSource.ShowPII = true;

I'm fairly new to JwtSecurityTokens, and I try to understand the different aspects of it and furhtermore the whole claimsidentity and claimprincipal, but that's another story.

I try to generate a token in C# by using the following code:

private const string SECRET_KEY = "abcdef";
private static readonly SymmetricSecurityKey SIGNING_KEY = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(SECRET_KEY));

    public static string GenerateToken(string someName)
    {
        var token = new JwtSecurityToken(
            claims: new Claim[]
            {
                new Claim(ClaimTypes.Name, someName), 
            },
            notBefore: new DateTimeOffset(DateTime.Now).DateTime,
            expires: new DateTimeOffset(DateTime.Now.AddMinutes(60)).DateTime,
            signingCredentials: new SigningCredentials(SIGNING_KEY, SecurityAlgorithms.HmacSha256)
        );

        return new JwtSecurityTokenHandler().WriteToken(token);
    }

I followed a tutorial on Youtube, but I'm not sure I understand the different parts in the JwtSecurityToken. In addition, when I execute the code through a controller just to try to return a token, it returns an error, saying: "IDX10603: Decryption failed. Keys tried: '[PII is hidden]'".

Any help is appreciated.

The algorithm HS256 requires the SecurityKey.KeySize to be greater than 128 bits and your key has just 48. Extend it by adding at least 10 more symbols. As for "PII is hidden" part, it was done as a part of GDPR compliance effort to hide any stack or variable info in logs. You should enable additional details with:

IdentityModelEventSource.ShowPII = true;

這篇關(guān)于JwtSecurityToken 理解與異常的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網(wǎng)！