c# - 创建 JWT, header 中不包含 child

标签 c# .net jwt

我编写代码来生成 JWT 并使用证书对其进行签名,但它在 header 中添加了我不想要的 kid 属性。如何在没有此属性的情况下创建使用证书签名的 JWT?这是我的代码:

public string CreateToken(string thumbprint, string iss, string sub, string aud, int lifetime)
    {
        X509Certificate2 cert = null;

        var certificateStore = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        var lifeDuration = new Lifetime(DateTime.Now, DateTime.Now.AddMinutes(lifetime));
        var tokenHandler = new JwtSecurityTokenHandler();

        certificateStore.Open(OpenFlags.ReadOnly);

        foreach (var certificate in certificateStore.Certificates)
        {
            if (certificate == null || certificate.Thumbprint == null)
            {
                continue;
            }

            if (string.Equals(certificate.Thumbprint, thumbprint, StringComparison.CurrentCultureIgnoreCase))
            {
                certificateStore.Close();
                cert = certificate;
                break;
            }
        }

        if (cert == null)
        {
            throw new Exception("Certificate cannot be found!");
        }

        var signingCredentials = new SigningCredentials(new X509SecurityKey(cert), SecurityAlgorithms.RsaSha256Signature);

        var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor
        {

            Issuer = iss,
            Subject = new ClaimsIdentity(new Claim[]
                {
                    new Claim("sub", sub),
                    new Claim("jti", Guid.NewGuid().ToString())
                }),
            Audience = aud,
            Expires = lifeDuration.Expires,
            SigningCredentials = signingCredentials
        };

        Microsoft.IdentityModel.Tokens.SecurityToken token = tokenHandler.CreateToken(tokenDescriptor);

        string tokenString = tokenHandler.WriteToken(token);

        return tokenString;
    }

上面的代码生成此 token :

{
 "alg": "RS256",
 "kid": "B8C72D1B7A713A09372F2376094CC525A023379C",
 "typ": "JWT"
}
{
 "jti": "216fcf32-d4ae-4b5a-a255-79733b2e4535",
 "exp": "1506496792",
 "iat": "1506496792",
 "iss": "issuer",
 "aud": "audience",
 "sub": "subject"
}

最佳答案

我已经改变了我的方法,看起来像这样,现在它工作正常

public string CreateToken(string thumbprint, string iss, string sub, string aud, int lifetime)
    {
        var lifeDuration = new Lifetime(DateTime.Now, DateTime.Now.AddMinutes(lifetime));
        var cert = this.FindCertificate(thumbprint);
        var signingCredentials = new SigningCredentials(new X509SecurityKey(cert), SecurityAlgorithms.RsaSha256Signature);

        JwtHeader header = new JwtHeader(signingCredentials);
        header.Clear();
        header.Add("alg", "RS256");
        header.Add("typ", "JWT");

        JwtPayload payload = new JwtPayload(
            iss, 
            aud, 
            new List<Claim>()
            {
                new Claim("sub", sub),
                new Claim("jti", Guid.NewGuid().ToString())
            }, 
            null, 
            lifeDuration.Expires);

        var jwt = new JwtSecurityToken(header, payload);
        var encoded = new JwtSecurityTokenHandler().WriteToken(jwt);

        return encoded;
    }

关于c# - 创建 JWT, header 中不包含 child,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/46442066/

上一篇:encryption - RSA如何保持认证和不可否认性

下一篇:html - Angular ng-选项添加图标

相关文章:

c# - App.Config 中使用哪种编码?

c# - 如何在启动时在前台运行 UWP 应用程序?

c# - 撇号通过 C# 中的过滤器

C# 4.0 MemoryCache - 如何在对其依赖项进行更改时逐出依赖缓存条目

c# - 用 C# 中的每个新线程打开一个新控制台?

java - 如何使用 clientCredentialType ="Basic"将 Java 客户端连接到 WCF 服务

.net - 使用 vs2010 将 C++/CLI 项目更改为 4.0 以外的其他框架

python - 在哪里覆盖 JWT_EXPIRATION_DELTA 以设置自定义 token 过期时间?

go - 解析 jwt token 时在哪里验证 JWT key ?

java - 在nimbus-jose-jwt中,生命周期和刷新时间有什么区别?

©2024 IT工具网  联系我们