99 lines
3.4 KiB
C#
99 lines
3.4 KiB
C#
|
using Microsoft.AspNetCore.Authentication;
|
|||
|
|
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
|||
|
|
using Microsoft.AspNetCore.Http;
|
|||
|
|
using Microsoft.AspNetCore.Mvc.Controllers;
|
|||
|
|
using Microsoft.AspNetCore.Mvc;
|
|||
|
|
using Microsoft.Extensions.DependencyInjection;
|
|||
|
|
using Microsoft.Extensions.Logging;
|
|||
|
|
using Microsoft.Extensions.Options;
|
|||
|
|
using Microsoft.IdentityModel.Tokens;
|
|||
|
|
using System;
|
|||
|
|
using System.Collections.Generic;
|
|||
|
|
using System.IdentityModel.Tokens.Jwt;
|
|||
|
|
using System.Linq;
|
|||
|
|
using System.Net.Http;
|
|||
|
|
using System.Security.Claims;
|
|||
|
|
using System.Text;
|
|||
|
|
using System.Text.Encodings.Web;
|
|||
|
|
using System.Threading.Tasks;
|
|||
|
|
using Volo.Abp;
|
|||
|
|
using Microsoft.AspNetCore.Routing;
|
|||
|
|
|
|||
|
|
namespace Syc.Authorize.JwtBearer
|
|||
|
|
{
|
|||
|
|
/// <summary>
|
|||
|
|
/// 自定义身份验证处理程序
|
|||
|
|
/// </summary>
|
|||
|
|
public class JwtBearerAuthenticationHandler : AuthenticationHandler<JwtBearerOptions>
|
|||
|
|
{
|
|||
|
|
public JwtBearerAuthenticationHandler(IOptionsMonitor<JwtBearerOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) :
|
|||
|
|
base(options, logger, encoder, clock)
|
|||
|
|
{
|
|||
|
|
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
/// <summary>
|
|||
|
|
/// 身份验证
|
|||
|
|
/// </summary>
|
|||
|
|
/// <returns></returns>
|
|||
|
|
/// <exception cref="NotImplementedException"></exception>
|
|||
|
|
protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
|
|||
|
|
{
|
|||
|
|
// 获取请求的Token
|
|||
|
|
string token = Request.Headers["Authorization"];
|
|||
|
|
token = token?.Replace(JwtBearerDefaults.AuthenticationScheme, "");
|
|||
|
|
|
|||
|
|
// 验证Token
|
|||
|
|
if (string.IsNullOrWhiteSpace(token))
|
|||
|
|
{
|
|||
|
|
var (isSuccess, claims) = ValidateToken(token);
|
|||
|
|
if (true)
|
|||
|
|
{
|
|||
|
|
var ticket = new AuthenticationTicket(new System.Security.Claims.ClaimsPrincipal(new ClaimsIdentity(claims)), JwtBearerDefaults.AuthenticationScheme);
|
|||
|
|
return await Task.FromResult(AuthenticateResult.Success(ticket));
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
// 如果Token无效,则返回null
|
|||
|
|
return AuthenticateResult.Fail("身份验证失败,无效的token");
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
private (bool,IEnumerable<Claim>) ValidateToken(string token)
|
|||
|
|
{
|
|||
|
|
var tokenHandler = new JwtSecurityTokenHandler();
|
|||
|
|
try
|
|||
|
|
{
|
|||
|
|
tokenHandler.ValidateToken(token, Options.TokenValidationParameters, out var validatedToken);
|
|||
|
|
if (validatedToken != null)
|
|||
|
|
{
|
|||
|
|
var jwtToken =(JwtSecurityToken)validatedToken;
|
|||
|
|
return (true, jwtToken.Claims);
|
|||
|
|
}
|
|||
|
|
return (validatedToken != null,null);
|
|||
|
|
}
|
|||
|
|
catch (Exception ex)
|
|||
|
|
{
|
|||
|
|
Logger.LogError(ex,"身份验证错误");
|
|||
|
|
return (false,null);
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
/// <summary>
|
|||
|
|
/// 401
|
|||
|
|
/// </summary>
|
|||
|
|
/// <param name="properties"></param>
|
|||
|
|
/// <returns></returns>
|
|||
|
|
protected override async Task HandleChallengeAsync(AuthenticationProperties properties) => await Response.UnauthorizedAsync();
|
|||
|
|
|
|||
|
|
/// <summary>
|
|||
|
|
/// 403
|
|||
|
|
/// </summary>
|
|||
|
|
/// <param name="properties"></param>
|
|||
|
|
/// <returns></returns>
|
|||
|
|
protected override Task HandleForbiddenAsync(AuthenticationProperties properties)
|
|||
|
|
{
|
|||
|
|
return base.HandleForbiddenAsync(properties);
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
}
|