using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc.Controllers;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Net.Http;
using System.Security.Claims;
using System.Text;
using System.Text.Encodings.Web;
using System.Threading.Tasks;
using Volo.Abp;
using Microsoft.AspNetCore.Routing;
namespace Syc.Authorize.JwtBearer
{
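/// <summary>
/// Custom authentication handler that validates a JWT taken from the
/// <c>Authorization</c> request header against
/// <see cref="JwtBearerOptions.TokenValidationParameters"/>.
/// </summary>
/// <remarks>
/// The strength of the check depends entirely on how
/// <c>Options.TokenValidationParameters</c> is configured where the scheme is
/// registered (signing key, issuer, audience, lifetime); this class only
/// forwards them to <see cref="JwtSecurityTokenHandler"/>.
/// </remarks>
public class JwtBearerAuthenticationHandler : AuthenticationHandler<JwtBearerOptions>
{
    public JwtBearerAuthenticationHandler(IOptionsMonitor<JwtBearerOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) :
        base(options, logger, encoder, clock)
    {
    }

    /// <summary>
    /// Authenticates the current request from its <c>Authorization</c> header.
    /// </summary>
    /// <returns>
    /// A successful result carrying the token's claims when the token passes
    /// validation; otherwise a failed result.
    /// </returns>
    protected override Task<AuthenticateResult> HandleAuthenticateAsync()
    {
        // Read the token sent with the request.
        string authorization = Request.Headers["Authorization"];
        string token = ExtractBearerToken(authorization);

        // Validate only when a token is actually present. The previous code
        // had this test inverted, so supplied tokens were never validated.
        if (!string.IsNullOrWhiteSpace(token))
        {
            var (isSuccess, claims) = ValidateToken(token);

            // Success must depend on the validation outcome; the previous
            // `if (true)` issued a ticket regardless of the result.
            if (isSuccess && claims != null)
            {
                // An authentication type is required here: a ClaimsIdentity
                // built without one reports IsAuthenticated == false.
                var identity = new ClaimsIdentity(claims, JwtBearerDefaults.AuthenticationScheme);
                var ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), JwtBearerDefaults.AuthenticationScheme);
                return Task.FromResult(AuthenticateResult.Success(ticket));
            }
        }

        // Missing or invalid token: fail closed.
        return Task.FromResult(AuthenticateResult.Fail("身份验证失败,无效的token"));
    }

    /// <summary>
    /// Extracts the raw token from an <c>Authorization</c> header value.
    /// </summary>
    /// <param name="authorization">The header value; may be null.</param>
    /// <returns>The token without the scheme prefix, or null when there is none.</returns>
    private static string ExtractBearerToken(string authorization)
    {
        if (string.IsNullOrWhiteSpace(authorization))
        {
            return null;
        }

        string value = authorization.Trim();
        string prefix = JwtBearerDefaults.AuthenticationScheme + " ";

        // Strip the scheme only as a leading prefix. The previous
        // Replace(scheme, "") also removed the word from inside the token
        // and left the separating space in place.
        if (value.StartsWith(prefix, StringComparison.OrdinalIgnoreCase))
        {
            value = value.Substring(prefix.Length).Trim();
        }

        // A header without the scheme prefix is still passed on as a token,
        // matching the original lenient behaviour; it must pass validation.
        return value.Length == 0 ? null : value;
    }

    /// <summary>
    /// Validates <paramref name="token"/> with the configured
    /// <c>Options.TokenValidationParameters</c>.
    /// </summary>
    /// <param name="token">The raw JWT string.</param>
    /// <returns>
    /// <c>(true, claims)</c> when validation yields a <see cref="JwtSecurityToken"/>;
    /// <c>(false, null)</c> when validation throws or yields no JWT.
    /// </returns>
    private (bool,IEnumerable<Claim>) ValidateToken(string token)
    {
        var tokenHandler = new JwtSecurityTokenHandler();
        try
        {
            tokenHandler.ValidateToken(token, Options.TokenValidationParameters, out var validatedToken);
            if (validatedToken is JwtSecurityToken jwtToken)
            {
                return (true, jwtToken.Claims);
            }

            return (false, null);
        }
        catch (Exception ex)
        {
            // Any validation error (signature, lifetime, malformed input)
            // is logged and reported as a failed validation.
            Logger.LogError(ex,"身份验证错误");
            return (false,null);
        }
    }

    /// <summary>
    /// Answers an authentication challenge with a 401 response.
    /// </summary>
    /// <param name="properties">Authentication properties for the challenge (unused).</param>
    /// <returns>A task that completes when the response has been written.</returns>
    protected override async Task HandleChallengeAsync(AuthenticationProperties properties) => await Response.UnauthorizedAsync();

    /// <summary>
    /// Handles a 403 by deferring to the base implementation.
    /// </summary>
    /// <param name="properties">Authentication properties for the forbid.</param>
    /// <returns>The task returned by the base handler.</returns>
    protected override Task HandleForbiddenAsync(AuthenticationProperties properties)
    {
        return base.HandleForbiddenAsync(properties);
    }
}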
}