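using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using DS.Module.Core.Extensions;
using Microsoft.IdentityModel.Tokens;

namespace DS.Module.Core;

/// <summary>
/// Issues and reads JWTs signed with HMAC-SHA256 using the settings under
/// <c>JwtSettings</c> (Issuer, Audience, SecretKey).
/// </summary>
/// <remarks>
/// The tokens produced here are signed, not encrypted: every claim, including
/// <c>CompanyId</c>, can be read by anyone who holds the token.
/// </remarks>
public class JwtHelper
{
    /// <summary>Token lifetime in minutes (two hours).</summary>
    private const int TokenLifetimeMinutes = 120;

    /// <summary>
    /// Generates a signed JWT string carrying the given identifier as its <c>jti</c> claim.
    /// </summary>
    /// <param name="Jti">Value stored in the <c>jti</c> claim.</param>
    /// <returns>The compact serialized JWT.</returns>
    public static string GetJWT(string Jti)
    {
        return WriteSignedToken(Jti, Array.Empty<Claim>());
    }

    /// <summary>
    /// Generates a signed JWT for the given user model. Despite the name, the token
    /// is only signed; its payload is not confidential.
    /// </summary>
    /// <param name="data">
    /// Source of the claims: <c>Uid</c> is written to <c>jti</c> and <c>CompanyId</c>
    /// to a custom <c>CompanyId</c> claim. <c>TenantId</c> is currently not embedded.
    /// </param>
    /// <returns>The compact serialized JWT.</returns>
    public static string Encrypt(JwtTokenModel data)
    {
        // jti holds the user id here, so every token issued to the same user shares
        // one jti; it cannot be used to tell individual tokens apart.
        return WriteSignedToken(data.Uid, new[] { new Claim("CompanyId", data.CompanyId) });
    }

    /// <summary>
    /// Reads the value of the first claim of a JWT, which for tokens issued by this
    /// helper is the <c>jti</c> claim (the user id).
    /// </summary>
    /// <remarks>
    /// This method only decodes the token. It does not verify the signature, issuer,
    /// audience or lifetime, so the returned value is unauthenticated unless the same
    /// token has already been validated (for example with
    /// <c>JwtSecurityTokenHandler.ValidateToken</c> and <c>TokenValidationParameters</c>).
    /// </remarks>
    /// <param name="jwtStr">The compact serialized JWT.</param>
    /// <returns>The first claim's value, or an empty string when the token cannot be read.</returns>
    public static string SerializeJwt(string jwtStr)
    {
        // The original guard was inverted (it only proceeded for a null/empty string),
        // so no token was ever parsed. Reject empty input, then parse.
        if (string.IsNullOrEmpty(jwtStr))
        {
            return string.Empty;
        }

        var jwtHandler = new JwtSecurityTokenHandler();
        if (!jwtHandler.CanReadToken(jwtStr))
        {
            return string.Empty;
        }

        JwtSecurityToken jwtToken = jwtHandler.ReadJwtToken(jwtStr);

        // The token string is caller-supplied; a payload without claims yields an
        // empty result instead of an exception from First().
        return jwtToken.Claims.FirstOrDefault()?.Value ?? string.Empty;
    }

    /// <summary>
    /// Builds the registered claims, appends <paramref name="extraClaims"/> and
    /// returns the HMAC-SHA256 signed token string.
    /// </summary>
    private static string WriteSignedToken(string jti, IEnumerable<Claim> extraClaims)
    {
        string iss = AppSetting.Configuration["JwtSettings:Issuer"];
        string aud = AppSetting.Configuration["JwtSettings:Audience"];
        string secret = AppSetting.Configuration["JwtSettings:SecretKey"];

        // Take one timestamp so iat, nbf and exp are mutually consistent.
        DateTimeOffset now = DateTimeOffset.UtcNow;
        string issuedAt = $"{now.ToUnixTimeSeconds()}";
        string expiresAt = $"{now.AddMinutes(TokenLifetimeMinutes).ToUnixTimeSeconds()}";

        // NOTE(review): iat/nbf/exp are added as string-typed claims. RFC 7519 defines
        // them as NumericDate values; confirm that every consumer of these tokens
        // parses and enforces them as expected.
        var claims = new List<Claim>
        {
            new Claim(JwtRegisteredClaimNames.Jti, jti),
            new Claim(JwtRegisteredClaimNames.Iat, issuedAt),   // issued at
            new Claim(JwtRegisteredClaimNames.Nbf, issuedAt),   // not valid before
            new Claim(JwtRegisteredClaimNames.Exp, expiresAt),  // expires after two hours
            new Claim(JwtRegisteredClaimNames.Iss, iss),        // issuer
            new Claim(JwtRegisteredClaimNames.Aud, aud),        // audience
        };
        claims.AddRange(extraClaims);

        // Signing key. For HS256 the secret should be at least 256 bits of random
        // data and must be kept out of source control; anyone who knows it can
        // mint valid tokens.
        var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
        var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

        var jwt = new JwtSecurityToken(
            issuer: iss,
            claims: claims,
            signingCredentials: creds
        );

        // Serialize to the compact JWT string.
        return new JwtSecurityTokenHandler().WriteToken(jwt);
    }

    /// <summary>
    /// Data carried into a token.
    /// </summary>
    public class JwtTokenModel
    {
        /// <summary>
        /// User id.
        /// </summary>
        public string Uid { get; set; }

        /// <summary>
        /// Company id.
        /// </summary>
        public string CompanyId { get; set; }

        /// <summary>
        /// Tenant id.
        /// </summary>
        public string TenantId { get; set; }
    }
}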