You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

56 lines
2.1 KiB
C#

12 months ago
using DS.Module.Core;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;
using System.Text;
namespace DS.Module.Jwt;
/// <summary>
/// Jwt 服务
/// </summary>
public static class JwtInstall
{
/// <summary>
/// 将模块服务添加到依赖注入服务容器中
/// </summary>
/// <param name="services">依赖注入服务容器</param>
/// <returns></returns>
public static IServiceCollection AddJwtInstall(this IServiceCollection services)
{
// 添加验证服务
services.AddAuthentication(options =>
{
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(o =>
{
o.TokenValidationParameters = new TokenValidationParameters
{
// 是否开启签名认证
ValidateIssuerSigningKey = true,
11 months ago
IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(AppSetting.app(new string[] { "JwtSettings", "SecretKey" }))),
12 months ago
// 发行人验证这里要和token类中Claim类型的发行人保持一致
ValidateIssuer = true,
11 months ago
ValidIssuer = AppSetting.app(new string[] { "JwtSettings", "Issuer" }),//发行人
12 months ago
// 接收人验证
ValidateAudience = true,
11 months ago
ValidAudience = AppSetting.app(new string[] { "JwtSettings", "Audience" }),//订阅人
12 months ago
ValidateLifetime = true,
ClockSkew = TimeSpan.Zero,
};
o.Events = new JwtBearerEvents
{
OnAuthenticationFailed = context =>
{
// 如果过期,则把<是否过期>添加到,返回头信息中
if (context.Exception.GetType() == typeof(SecurityTokenExpiredException))
{
context.Response.Headers.Add("Token-Expired", "true");
}
return Task.CompletedTask;
}
};
});
return services;
}
}