RuoVea.ExJwtBearer 6.0.11.1

.NET 6.0
There is a newer version of this package available.
See the version list below for details. 
dotnet add package RuoVea.ExJwtBearer --version 6.0.11.1
NuGet\Install-Package RuoVea.ExJwtBearer -Version 6.0.11.1
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="RuoVea.ExJwtBearer" Version="6.0.11.1" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
paket add RuoVea.ExJwtBearer --version 6.0.11.1
#r "nuget: RuoVea.ExJwtBearer, 6.0.11.1"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
// Install RuoVea.ExJwtBearer as a Cake Addin
#addin nuget:?package=RuoVea.ExJwtBearer&version=6.0.11.1

// Install RuoVea.ExJwtBearer as a Cake Tool
#tool nuget:?package=RuoVea.ExJwtBearer&version=6.0.11.1

RuoVea.ExJwtBearer

JWT扩展帮助类库

使用示例

注入 Jwt

添加Jwt验证

services.AddJwtAuthorization(enableGlobalAuthorize: true);

添加JWT及鉴权

services.AddJwtAuthorization<JwtHandler>(enableGlobalAuthorize: true);

添加JWT加密

services.AddJwtEncryption();

app添加

app.UseAuthentication();
app.UseAuthorization();

enableGlobalAuthorize=false时候可以只有验证;[Authorize(AuthenticationSchemes = "Bearer")]、[BearerAuthorize]

使用Jwt

声名 IJwtToken _jwtToken

_jwtToken.Encrypt(new Dictionary<string, object>)
登录时使用Jwt

使用方式一、

     // 生成Token令牌
     var accessToken =  LoginToken(UserVo user, Dictionary<string, object> extend);
    
     // 设置Swagger自动登录
     _httpContextAccessor.HttpContext.SigninToSwagger(accessToken);
    
     // 生成刷新Token令牌
     //var refreshToken = _jwtToken.GenerateRefreshToken(accessToken, 30);
    
     // 设置刷新Token令牌
     //_httpContextAccessor.HttpContext.Response.Headers["x-access-token"] = refreshToken;

使用方式二、

     // 生成Token令牌
     var accessToken = _jwtToken.Encrypt(new Dictionary<string, object>
     {
         {ClaimConst.CLAINM_USERID, user.Id},
         {ClaimConst.TENANT_ID, user.TenantId},
         {ClaimConst.CLAINM_ACCOUNT, user.Account},
         {ClaimConst.CLAINM_NAME, user.Name},
         {ClaimConst.CLAINM_SUPERADMIN, user.AdminType},
     });
    
     // 设置Swagger自动登录
     _httpContextAccessor.HttpContext.SigninToSwagger(accessToken);
    
     // 生成刷新Token令牌
     //var refreshToken = _jwtToken.GenerateRefreshToken(accessToken, 30);
    
     // 设置刷新Token令牌
     //_httpContextAccessor.HttpContext.Response.Headers["x-access-token"] = refreshToken;
配置文件
{
  /* Jwt配置 */
  "JWTSettings": {
    "ValidateIssuerSigningKey": true, // 是否验证密钥,bool 类型,默认true
    "IssuerSigningKey": "3c1cbc3f546eda35168c3aa3cb91780fbe703f0996c6d123ea96dc85c70bbc0a", // 密钥,string 类型,必须是复杂密钥,长度大于16
    "ValidateIssuer": true, // 是否验证签发方,bool 类型,默认true
    "ValidIssuer": "SecurityDemo.Authentication.JWT", // 签发方,string 类型
    "ValidateAudience": true, // 是否验证签收方,bool 类型,默认true
    "ValidAudience": "jwtAudience", // 签收方,string 类型
    "ValidateLifetime": true, // 是否验证过期时间,bool 类型,默认true,建议true
    "ExpiredTime": 1440, // 过期时间,long 类型,单位分钟,默认1440分钟(24小时)
    "ClockSkew": 5 // 过期时间容错值,long 类型,单位秒,默认5秒
  }
}

AppAuthorizeHandler 实现类

/// <summary>
/// 实现
/// </summary>
public class JwtHandler : AppAuthorizeHandler 
{
   protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PolicyRequirement requirement)
   {
       //// 自动刷新 token
       //if (JWTEncryption.AutoRefreshToken(context, context.GetCurrentHttpContext()))
       //{
       //    await AuthorizeHandleAsync(context);
       //}

       // 判断是否授权
       var isAuthenticated = context.User.Identity.IsAuthenticated;
       if (isAuthenticated)
       {
           await AuthorizeHandleAsync(context);
       }
       else context.GetCurrentHttpContext()?.SignoutToSwagger();    // 退出Swagger登录
   }

   /// <summary>
   /// 授权处理
   /// </summary>
   /// <param name="context"></param>
   /// <returns></returns>
   protected async Task AuthorizeHandleAsync(AuthorizationHandlerContext context)
   {
       // 获取所有未成功验证的需求
       var pendingRequirements = context.PendingRequirements;

       // 获取 HttpContext 上下文
       var httpContext = context.GetCurrentHttpContext();

       // 调用子类管道
       // 此处已经自动验证 Jwt Token的有效性了,无需手动验证
       var pipeline = await CheckAuthorzieAsync(httpContext);
       if (pipeline)
       {
           Task.FromResult(true);
           // 通过授权验证
           foreach (var requirement in pendingRequirements)
           {
               // 验证策略管道
               var policyPipeline = await PolicyPipelineAsync(context, httpContext, requirement);
               if (policyPipeline) context.Succeed(requirement);
           }
       }
       else context.Fail();
   }

   /// <summary>
   /// 检查权限
   /// </summary>
   /// <param name="httpContext"></param>
   /// <returns></returns>
   private static async Task<bool> CheckAuthorzieAsync(DefaultHttpContext httpContext)
   {
       // 管理员跳过判断
       var userManager = App.GetService<IUserManager>();
       if (userManager.SuperAdmin) return true;

       // 路由名称
       var routeName = httpContext.Request.Path.Value.Substring(1).Replace("/", ":");

       var allPermission = await App.GetService<ISysMenuService>().GetAllPermission();

       if (!allPermission.Contains(routeName))
       {
           return true;
       }


       // 默认路由(获取登录用户信息)
       var defalutRoute = new List<string>()
       {
           "Auth:getLoginUser",
           "getLoginUser",
           "sysNotice:unread",
           "codeGenerate:InformationList",
           "sysFileInfo:uploadAvatar",
           "sysFileInfo:preview"
       };

       if (defalutRoute.Contains(routeName)) return true;

       // 获取用户权限集合(按钮或API接口)
       var permissionList = await App.GetService<ISysMenuService>().GetLoginPermissionList(userManager.UserId);

       // 检查授权
       return permissionList.Contains(routeName);
   }

   /// <summary>
   /// 策略验证管道
   /// </summary>
   /// <param name="context"></param>
   /// <param name="httpContext"></param>
   /// <param name="requirement"></param>
   /// <returns></returns>
   public virtual Task<bool> PolicyPipelineAsync(AuthorizationHandlerContext context, DefaultHttpContext httpContext, IAuthorizationRequirement requirement)
   {
       return Task.FromResult(true);
   }
}

总是遇到401问题添加如下代码

    app.UseAuthentication();
    app.UseAuthorization();
Product Compatible and additional computed target framework versions.
.NET net6.0 is compatible.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages (1)

Showing the top 1 NuGet packages that depend on RuoVea.ExJwtBearer:

Package Downloads
RuoVea.OAuthServer

OAuth2.0 授权中心

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
6.0.11.4 143 3/13/2024
6.0.11.3 92 3/11/2024
6.0.11.2 92 2/27/2024
6.0.11.1 84 2/22/2024
6.0.11 419 9/8/2022
6.0.10 387 6/10/2022
6.0.9 386 3/25/2022
6.0.8 387 3/25/2022
6.0.7 390 3/25/2022
6.0.6 387 3/24/2022
6.0.5 366 3/24/2022
6.0.4 366 3/24/2022
6.0.3 373 3/24/2022
6.0.2 384 3/23/2022
6.0.1 370 3/22/2022
6.0.0 401 2/18/2022
5.0.1 391 3/23/2022
5.0.0 409 3/22/2022