c# – 带有OWIN的webapi中的复杂JSON Web令牌数组

我正在努力学习JWT和ouath.我遇到过JWT的形式,它可以帮助我开发我的授权服务器.

我遇到的格式如下:

{
  iat: 1416929061, 
  jti: "802057ff9b5b4eb7fbb8856b6eb2cc5b",
  scopes: {
    users: {
      actions: ['read', 'create']
    },
    users_app_metadata: {
      actions: ['read', 'create']
    }
  }
}

但是,因为在添加声明时我们只能添加简单的字符串,这样可以实现这样的事情吗?

我到目前为止看到的唯一方法是使用JSON.serialization – 来自https://stackoverflow.com/a/27279400/2476347

new Claim(someClass,JsonConvert.SerializeObject(result)

任何准则将不胜感激!谢谢!

用于测试的代码

我想在JWT中使用

public class MyTes
{
    public string       area { get; set; }
    public List<string> areapermissions { get; set; }
}

然后我使用以下代码生成令牌

        var identity = new ClaimsIdentity("JWT");

        var cos = new List<string>();

        cos.Add("aaa");
        cos.Add("bbb");

        MyTes vario = new MyTes()
        {
            area = "someregion",
            areapermissions = cos
        };




        identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
        identity.AddClaim(new Claim("sub", context.UserName));
        identity.AddClaim(new Claim(ClaimTypes.Role, "Manager"));
        identity.AddClaim(new Claim(ClaimTypes.Role, "Supervisor"));
        identity.AddClaim(new Claim("scope", "xyz1"));
        identity.AddClaim(new Claim("scope", "xyz2"));
        identity.AddClaim(new Claim("scope", "xyz3"));
        identity.AddClaim(new Claim("APIs", JsonConvert.SerializeObject(cos)));
        identity.AddClaim(new Claim("APIs2", JsonConvert.SerializeObject(vario)));

这没有错误,当我解码我现在得到的票:

{
  "unique_name": "Rafski",
  "sub": "Rafski",
  "role": [
    "Manager",
    "Supervisor"
  ],
  "scope": [
    "xyz1",
    "xyz2",
    "xyz3"
  ],
  "APIs": "[\"aaa\",\"bbb\"]",
  "APIs2": "{\"area\":\"someregion\",\"areapermissions\":[\"aaa\",\"bbb\"]}",
  "iss": "http://kurwa.mac",
  "aud": "7aaa70ed8f0b4807a01596e2abfbd44d",
  "exp": 1429351056,
  "nbf": 1429349256
}
最佳答案
以下是如何使用.Net创建具有复杂JSON声明的JWT令牌.

使用Nuget获取Library:System.IdentityModel.Tokens.Jwt

然后使用以下代码创建JWT令牌.

var keybytes = Convert.FromBase64String(YOUR_CLIENT_SECRET);
        var signingCredentials = new SigningCredentials(
                    new InMemorySymmetricSecurityKey(keybytes),
                    SecurityAlgorithms.HmacSha256Signature,
                    SecurityAlgorithms.Sha256Digest);

        var nbf = DateTime.UtcNow.AddSeconds(-1);
        var exp = DateTime.UtcNow.AddSeconds(120);
        var payload = new JwtPayload(null, "", new List<Claim>(), nbf, exp);

        var users = new Dictionary<string, object>();
        users.Add("actions", new List<string>() { "read", "create" });
        var scopes = new Dictionary<string, object>();
        scopes.Add("users", users);
        payload.Add("scopes", scopes);

        var jwtToken = new JwtSecurityToken(new JwtHeader(signingCredentials), payload);
        var jwtTokenHandler = new JwtSecurityTokenHandler();
        return jwtTokenHandler.WriteToken(jwtToken);

哪个会产生诸如此类的令牌

{
  "typ": "JWT",
  "alg": "HS256"
}    
{
      "exp": 1433254394,
      "nbf": 1433254273,
      "scopes": {
        "users": {
          "actions": [
            "read", "create"
          ]
        }
      }
    }

转载注明原文:c# – 带有OWIN的webapi中的复杂JSON Web令牌数组 - 代码日志