我一直使用智威汤逊库脱codeA的Json网络令牌,并想切换微软官方智威汤逊的实施,System.IdentityModel.Tokens.Jwt.
I've been using the JWT library to decode a Json Web Token, and would like to switch to Microsoft's official JWT implementation, System.IdentityModel.Tokens.Jwt.
该文档是很稀疏,所以我有一个很难搞清楚如何来完成我一直在做的智威汤逊库。随着智威汤逊图书馆,有一个德code方法,该方法中的Base64 EN codeD智威汤逊,并把它变成JSON,然后可以反序列化。我想要做的使用System.IdentityModel.Tokens.Jwt类似的东西,但挖了相当数量后,无法弄清楚如何。
The documentation is very sparse, so I'm having a hard time figuring how to accomplish what I've been doing with the JWT library. With the JWT library, there is a Decode method that takes the base64 encoded JWT and turns it into JSON which can then be deserialized. I'd like to do something similar using System.IdentityModel.Tokens.Jwt, but after a fair amount of digging, cannot figure out how.
有关它的价值,我读从一个cookie的智威汤逊标记,以便与谷歌的身份框架使用。
For what it's worth, I'm reading the JWT token from a cookie, for use with Google's identity framework.
任何帮助将是AP preciated。
Any help would be appreciated.
在这个包中有一类名为 JwtSecurityTokenHandler
这源于系统。 IdentityModel.Tokens.SecurityTokenHandler
。在WIF这是核心类deserialising和连载安全令牌。
Within the package there is a class called JwtSecurityTokenHandler
which derives from System.IdentityModel.Tokens.SecurityTokenHandler
. In WIF this is the core class for deserialising and serialising security tokens.
类有一个 ReadToken(字符串)
方法,将您的base64 EN codeD智威汤逊字符串,并返回一个 SecurityToken
从而重新presents的智威汤逊。
The class has a ReadToken(String)
method that will take your base64 encoded JWT string and returns a SecurityToken
which represents the JWT.
在 SecurityTokenHandler
也有 ValidateToken(SecurityToken)
方法,需要你的 SecurityToken
,并创建一个 ReadOnlyCollection还< ClaimsIdentity>
。通常对于智威汤逊,这将包含单个 ClaimsIdentity
对象,它具有一组声明重新presenting原智威汤逊的属性。
The SecurityTokenHandler
also has a ValidateToken(SecurityToken)
method which takes your SecurityToken
and creates a ReadOnlyCollection<ClaimsIdentity>
. Usually for JWT, this will contain a single ClaimsIdentity
object that has a set of claims representing the properties of the original JWT.
JwtSecurityTokenHandler
定义了一些额外的重载 ValidateToken
,尤其是,它有一个 ClaimsPrincipal ValidateToken(JwtSecurityToken,TokenValidationParameters)
超载。该 TokenValidationParameters
参数允许您指定令牌签名证书(如 X509SecurityTokens
的列表)。它还具有过载,是以智威汤逊为字符串
,而不是 SecurityToken
。
JwtSecurityTokenHandler
defines some additional overloads for ValidateToken
, in particular, it has a ClaimsPrincipal ValidateToken(JwtSecurityToken, TokenValidationParameters)
overload. The TokenValidationParameters
argument allows you to specify the token signing certificate (as a list of X509SecurityTokens
). It also has an overload that takes the JWT as a string
rather than a SecurityToken
.
在code做,这是相当复杂的,但可以在Global.asax.cx code被发现( TokenValidationHandler
班)在开发者样品被称为ADAL - 本机应用程序以REST服务 - 通过浏览器对话框身份验证与ACS,位于
The code to do this is rather complicated, but can be found in the Global.asax.cx code (TokenValidationHandler
class) in the developer sample called "ADAL - Native App to REST service - Authentication with ACS via Browser Dialog", located at
http://$c$c.msdn.microsoft.com/AAL-Native-App-to-REST-de57f2cc
另外,在 JwtSecurityToken
类具有额外的方法不属于基础上 SecurityToken
类,如要求
属性,获取所含的求偿,但没有通过 ClaimsIdentity
集合去。它也有一个负载
属性,返回一个 JwtPayload
对象,使您可以在标记的原始JSON获得。这要看你的情况而接近它最合适的。
Alternatively, the JwtSecurityToken
class has additional methods that are not on the base SecurityToken
class, such as a Claims
property that gets the contained claims without going via the ClaimsIdentity
collection. It also has a Payload
property that returns a JwtPayload
object that lets you get at the raw JSON of the token. It depends on your scenario which approach it most appropriate.
一般的(即非智威汤逊专用) SecurityTokenHandler
类文档是
The general (i.e. non JWT specific) documentation for the SecurityTokenHandler
class is at
http://msdn.microsoft.com/en-us/library/system.identitymodel.tokens.securitytokenhandler.aspx
根据您的应用程序,您可以配置智威汤逊处理程序进入WIF管道完全像任何其他的处理程序。
Depending on your application, you can configure the JWT handler into the WIF pipeline exactly like any other handler.
有3个样品,它在不同类型的应用程序使用在
There are 3 samples of it in use in different types of application at
http://$c$c.msdn.microsoft.com/site/search?f%5B0%5D.Type=SearchText&f%5B0%5D.Value=aal&f%5B1%5D.Type=User&f%5B1%5D.Value=Azure%20AD%20Developer%20Experience%20Team&f%5B1%5D.Text=Azure%20AD%20Developer%20Experience%20Team
也许,一会适合您的需求,或者至少能适应他们。
Probably, one will suite your needs or at least be adaptable to them.