JwtSecurityToken的理解和异常 [英] JwtSecurityToken understanding and exception
问题描述
我对JwtSecurityTokens
还是很陌生,我尝试了解它的不同方面,并且进一步了解整个claimsidentity
和claimprincipal
,但这是另一个故事.
I'm fairly new to JwtSecurityTokens
, and I try to understand the different aspects of it and furhtermore the whole claimsidentity
and claimprincipal
, but that's another story.
我尝试使用以下代码在 C#中生成令牌:
I try to generate a token in C# by using the following code:
private const string SECRET_KEY = "abcdef";
private static readonly SymmetricSecurityKey SIGNING_KEY = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(SECRET_KEY));
public static string GenerateToken(string someName)
{
var token = new JwtSecurityToken(
claims: new Claim[]
{
new Claim(ClaimTypes.Name, someName),
},
notBefore: new DateTimeOffset(DateTime.Now).DateTime,
expires: new DateTimeOffset(DateTime.Now.AddMinutes(60)).DateTime,
signingCredentials: new SigningCredentials(SIGNING_KEY, SecurityAlgorithms.HmacSha256)
);
return new JwtSecurityTokenHandler().WriteToken(token);
}
我遵循了有关YouTube的教程,但不确定我是否了解 JwtSecurityToken中的不同部分.另外,当我执行 通过控制器的代码只是试图返回令牌,它 返回错误,说:"IDX10603:解密失败.尝试过的密钥: "[PII隐藏]".
I followed a tutorial on Youtube, but I'm not sure I understand the different parts in the JwtSecurityToken. In addition, when I execute the code through a controller just to try to return a token, it returns an error, saying: "IDX10603: Decryption failed. Keys tried: '[PII is hidden]'".
感谢您的帮助.
推荐答案
算法HS256要求SecurityKey.KeySize
大于128位,并且您的密钥只有48位.通过添加至少10个符号来扩展它.
至于"PII隐藏"部分,这是GDPR合规性工作的一部分,以隐藏日志中的任何堆栈或变量信息.您应通过以下方式启用其他详细信息:
The algorithm HS256 requires the SecurityKey.KeySize
to be greater than 128 bits and your key has just 48. Extend it by adding at least 10 more symbols.
As for "PII is hidden" part, it was done as a part of GDPR compliance effort to hide any stack or variable info in logs. You should enable additional details with:
IdentityModelEventSource.ShowPII = true;
这篇关于JwtSecurityToken的理解和异常的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!