using DS.Module.Core.Extensions; using Microsoft.IdentityModel.Tokens; using System.IdentityModel.Tokens.Jwt; using System.Security.Claims; using System.Text; namespace DS.Module.Core; public class JwtHelper { /// /// 生成JWT字符串 /// /// /// public static string GetJWT(string Jti) { DateTime utc = DateTime.UtcNow; string iss = AppSetting.app(new string[] { "JwtSettings", "Issuer" }); string aud = AppSetting.app(new string[] { "JwtSettings", "Audience" }); string secret = AppSetting.app(new string[] { "JwtSettings", "SecretKey" }); var claims = new List { new Claim(JwtRegisteredClaimNames.Jti, Jti), // 令牌颁发时间 new Claim(JwtRegisteredClaimNames.Iat, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"), new Claim(JwtRegisteredClaimNames.Nbf, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"), // 过期时间 2小时 new Claim(JwtRegisteredClaimNames.Exp, $"{new DateTimeOffset(DateTime.Now).AddMinutes(120).ToUnixTimeSeconds()}"), new Claim(JwtRegisteredClaimNames.Iss, iss), // 签发者 new Claim(JwtRegisteredClaimNames.Aud, aud) // 接收者 }; // 密钥 var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var tokenHandler = new JwtSecurityTokenHandler(); JwtSecurityToken jwt = new JwtSecurityToken( issuer: iss, claims: claims, // 声明的集合 //expires: .AddSeconds(36), // token的有效时间 signingCredentials: creds ); var handler = new JwtSecurityTokenHandler(); // 生成 jwt字符串 var strJWT = handler.WriteToken(jwt); return strJWT; } /// /// 生成Token /// /// /// 是否刷新 /// 是否客户端 /// public static string Encrypt(JwtTokenModel data, bool isRefresh = false,bool isClient = false) { DateTime utc = DateTime.UtcNow; string iss = AppSetting.app(new string[] { "JwtSettings", "Issuer" }); string aud = AppSetting.app(new string[] { "JwtSettings", "Audience" }); string secret = AppSetting.app(new string[] { "JwtSettings", "SecretKey" }); var claims = new List { new Claim(JwtRegisteredClaimNames.Jti, data.Uid), // 令牌颁发时间 new Claim(JwtRegisteredClaimNames.Iat, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"), new Claim(JwtRegisteredClaimNames.Nbf, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"), // 过期时间 2小时 new Claim(JwtRegisteredClaimNames.Exp, isRefresh ? $"{new DateTimeOffset(DateTime.Now).AddMinutes(150).ToUnixTimeSeconds()}" :$"{new DateTimeOffset(DateTime.Now).AddMinutes(120).ToUnixTimeSeconds()}"), new Claim(JwtRegisteredClaimNames.Iss, iss), // 签发者 new Claim(JwtRegisteredClaimNames.Aud, aud), // 接收者 // new Claim("OrgId", data.OrgId), // 公司ID new Claim("UserName", data.Name), // UserName new Claim("TenantId", data.TenantId), // 租户ID }; // 添加机构信息 if (isClient) { claims.Add(new Claim("OrgId", data.OrgId));// 机构ID } // 密钥 var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var tokenHandler = new JwtSecurityTokenHandler(); JwtSecurityToken jwt = new JwtSecurityToken( issuer: iss, claims: claims, // 声明的集合 //expires: .AddSeconds(36), // token的有效时间 signingCredentials: creds ); var handler = new JwtSecurityTokenHandler(); // 生成 jwt字符串 var strJWT = handler.WriteToken(jwt); return strJWT; } /// /// 解析 /// /// /// public static string SerializeJwt(string jwtStr) { var jwtHandler = new JwtSecurityTokenHandler(); string userId = string.Empty; // token校验 if (jwtStr.IsNullOrEmpty() && jwtHandler.CanReadToken(jwtStr)) { JwtSecurityToken jwtToken = jwtHandler.ReadJwtToken(jwtStr); userId = jwtToken.Claims.First().Value; } return userId; } /// /// 对jwt字符串 解码 /// public static Dictionary DecodeJwt(string accessToken) { Dictionary dic = new Dictionary(); var jwtHandler = new JwtSecurityTokenHandler(); // token校验 if (!string.IsNullOrEmpty(accessToken) && jwtHandler.CanReadToken(accessToken)) { JwtSecurityToken jwtToken = jwtHandler.ReadJwtToken(accessToken); var claims = jwtToken.Claims; foreach (var claim in claims) { dic.Add(claim.Type, claim.Value); } } return dic; } /// /// token实体 /// public class JwtTokenModel { /// /// Id /// public string Uid { get; set; } /// /// Name /// public string Name { get; set; } /// /// GID /// public Guid? GID { get; set; } /// /// 机构ID /// public string OrgId { get; set; } /// /// 租户ID /// public string TenantId { get; set; } } }