6

What I want is a method of JWT Generation and JWT Consumption in ASP.NET Core.

No OAuth2 flow, I do have the IdentityServerv3 working with OAuth2 but it is just overkill for a single app accessing an API when I own both sides.

The main source of difficulty I am having is finding out the equivalent of Microsoft.Owin.Security.Jwt in ASP.NET Core. Nothing in this list https://www.myget.org/gallery/aspnetvnext seems to relate. Or is that package actually to stay relevant in with ASP.NET Core?

4

2 回答 2

5

如果您正在寻找一种(简单)方法来生成自己的 JWT 令牌,则应直接使用JwtSecurityTokenHandler. 您可以在System.IdentityModel.Tokens您提到的 MyGet 存储库的包中找到它(但现在版本有点旧)或直接在 Azure AD 存储库中的System.IdentityModel.Tokens.Jwt包中找到它:https ://www.myget.org/gallery/azureadwebstacknightly

当然,使用标准协议来发布和检索您的 JWT 令牌是非常值得推荐的,OAuth2 和 OpenID Connect 可能是最好的选择。

请注意,IdentityServer不是唯一适用于 ASP.NET 5 的服务器。我个人正在研究 Katana 3 附带的 OAuth2 授权服务器中间件的高级分支,它提供了不同的方法:https ://github.com /aspnet-contrib/AspNet.Security.OpenIdConnect.Server

app.UseOAuthBearerAuthentication(new JwtBearerOptions
{
    AutomaticAuthenticate = true,
    AutomaticChallenge = true,
    Audience = "http://localhost:54540/",
    Authority = "http://localhost:54540/"
});

app.UseOpenIdConnectServer(options =>
{
    options.Provider = new AuthorizationProvider();
});

要了解有关此项目的更多信息,我建议阅读http://kevinchalet.com/2016/07/13/creating-your-own-openid-connect-server-with-asos-introduction/

如果您需要更多信息,请随时在https://jabbr.net/#/rooms/AspNetCore上联系我。

于 2015-06-05T17:51:21.880 回答
2

我已经开始使用OpenIddict,我认为这正是您所需要的。

这基本上是我需要的所有配置:

配置服务:

services.AddIdentity<ApplicationUser, ApplicationRole>()
            .AddEntityFrameworkStores<ApplicationDbContext>()
            .AddDefaultTokenProviders()
            .AddOpenIddictCore<Application>(config => config.UseEntityFramework());

配置

app.UseOpenIddictCore(builder =>
{
    // tell openiddict you're wanting to use jwt tokens
    builder.Options.UseJwtTokens();
    // NOTE: for dev consumption only! for live, this is not encouraged!
    builder.Options.AllowInsecureHttp = true;
    builder.Options.ApplicationCanDisplayErrors = true;
});

// use jwt bearer authentication
app.UseJwtBearerAuthentication(options =>
{
    options.AutomaticAuthenticate = true;
    options.AutomaticChallenge = true;
    options.RequireHttpsMetadata = false;
    options.Audience = "http://localhost:58292/";
    options.Authority = "http://localhost:58292/";
});

还有一两个其他小事情,例如您的 DbContext 需要从OpenIddictContext<ApplicationUser, Application, ApplicationRole, string>.

您可以在我的这篇博文中看到完整的解释(包括指向 github 存储库的链接):http: //capesean.co.za/blog/asp-net-5-jwt-tokens/

于 2016-01-08T21:47:38.943 回答