其他
秒懂 JWT!
作者 | 喵叔
责编 | 胡巍巍
出品 | 程序人生(ID:coder_life)
{
"alg":"HS256",
"typ":"JWT"
}
标准注册声明
公共声明:
私有声明:
{
"exp":"201909181230",
"role":"admin",
"isShow":false
}
定义 JWT 头
string jwtHeader = "{\"alg\":\"HS256\",\"typ\":\"JWT\"}";
定义有效载荷
string exp = GetTimeStamp(DateTime.Now.AddHours(1));
string jwtHeader = "{\"name\":\"zhangsan\",\"exp\":\"" + exp + "\",\"jti\":\"123123\"}";
加密 JWT 头和有效载荷
生成哈希签名
按顺序链接三部分,最终形成 JWT:
static void Main(string[] args)
{
string jwtHeader = "{\"alg\":\"HS256\",\"typ\":\"JWT\"}";
string exp = GetTimeStamp(DateTime.Now.AddHours(1));
string jwtPlayload = "{\"name\":\"zhangsan\",\"exp\":\"" + exp + "\",\"jti\":\"123123\"}";
string jwtHeaderBase64Url = Base64Url(jwtHeader);
string jwtPlayloadBase64Url = Base64Url(jwtPlayload);
string signature = HMACSHA256(jwtHeaderBase64Url + "." + jwtPlayloadBase64Url,"123123");
string jwtStr = jwtHeaderBase64Url + "." + jwtPlayloadBase64Url + "." + signature;
Console.WriteLine(jwtStr);
Console.ReadLine();
}
private static string HMACSHA256(string message, string key)
{
var encoding = new System.Text.UTF8Encoding();
byte[] keyByte = encoding.GetBytes(key);
byte[] messageBytes = encoding.GetBytes(message);
using (var hmacSHA256 = new HMACSHA256(keyByte))
{
byte[] hashMessage = hmacSHA256.ComputeHash(messageBytes);
return BitConverter.ToString(hashMessage).Replace("-", "").ToLower();
}
}
private static string Base64Url(string str)
{
byte[] encodedBytes = Encoding.UTF8.GetBytes(str);
string base64EncodedText = Convert.ToBase64String(encodedBytes);
base64EncodedText = base64EncodedText
.Replace("=", String.Empty)
.Replace('+', '-')
.Replace('/', '_');
return base64EncodedText;
}
private static string GetTimeStamp(DateTime dt)
{
DateTime startTime = TimeZone.CurrentTimeZone.ToLocalTime(new System.DateTime(1970, 1, 1, 0, 0, 0, 0));
DateTime nowTime = dt;
long unixTime =
(long)System.Math.Round((nowTime - startTime).TotalMilliseconds, MidpointRounding.AwayFromZero);
return unixTime.ToString();
}
{
string exp = GetTimeStamp(DateTime.Now.AddHours(1));
var payload = new Dictionary<string, object>
{
{"name", "zhangsan"},
{"exp", exp},
{"jti", "123123"}
};
IJwtAlgorithm algorithm = new HMACSHA256Algorithm();
IJsonSerializer serializer = new JsonNetSerializer();
IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder);
string jwtStr= encoder.Encode(payload, "123123");
Console.WriteLine(jwtStr);
Console.ReadLine();
}
IJwtValidator validator = new JwtValidator(serializer, provider);
IJsonSerializer serializer = new JsonNetSerializer();
IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
IJwtDecoder decoder = new JwtDecoder(serializer, validator, urlEncoder);
var json = decoder.Decode(jwtStr, "123123", verify: true);
☞横扫阿里、滴滴、美团后,阿里程序媛整理出这份厚厚的面经!☞300 秒就完成第一超算 1 万年的计算量,量子霸权真时代要来了吗
☞“不给钱就删库”的勒索病毒, 程序员该如何防护?
☞谷歌称已实现量子霸权;iOS 捷径功能被诉侵权;Chrome 78 Beta 发布 | 极客头条☞看完这篇还不会kafka,我跪榴莲!☞旷视张祥雨:高效轻量级深度模型的研究和实践 | AI ProCon 2019☞一文读懂分片基础原理, 数据分片, 跨分片交易, 区块链分片和缩放究竟是什么鬼?☞厉害!接班马云的为何是张勇?