Asp.Net Core中的FormsAuthentication解密 [英] FormsAuthentication Decrypt In Asp.Net Core

问题描述

我们有多个具有Single Sign On的Asp.Net MVC应用程序，其中我们使用FormsAuthentication.Encrypt()方法传递加密的字符串，并将其作为查询字符串传递，并使用FormsAuthentication.Decrypt()解密相同的字符串.

We have multiple Asp.Net MVC application's with Single Sign On where we pass encrypted string using FormsAuthentication.Encrypt() method and pass it as a query string and decrypt the same string using FormsAuthentication.Decrypt().

由于两个站点都是在Asp.Net MVC中开发的，因此我们能够使用表单身份验证并能够解密字符串.

Since both sites were developed in Asp.Net MVC we are able to use Forms Authentication and able to decrypt the string.

现在，我们正在Asp.Net Core中开发一个新项目，在该项目中，我们将经过加密的字符串作为来自Asp.Net MVC的查询字符串进行传递，并且必须在Asp.Net Core Web应用程序中进行解密.

Now we are developing a new project in Asp.Net Core where we pass a encrypted string as query string from Asp.Net MVC and have to decrypt in Asp.Net Core web application.

是否有其他方法可以在Asp.Net Core中解密字符串

Is there any alternative to decrypt the string in Asp.Net Core

注意:我们没有使用Asp.Net身份

Note: We are not using Asp.Net Identity

//Encryption
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, "Name", DateTime.Now, DateTime.Now.AddMinutes(60), true, "DataToEncrypt");

string encrypted = FormsAuthentication.Encrypt(ticket);
Response.Redirect("siteUrl?CookieName="+encrypted );

//Decryption
HttpCookie authCookie = Request.Cookies["CookieName"];

var formsAuthenticationTicket = FormsAuthentication.Decrypt(authCookie.Value);
string _userData = formsAuthenticationTicket.UserData;

推荐答案

不，您之前所做的工作取决于共享相同机器密钥的两个应用程序，因此它们都以相同的方式进行加密/解密.ASP.NET Core不支持机器密钥的概念，也不将其用于加密.相反，它使用数据保护提供程序.因此，无法在ASP.NET Core中解密基于机器密钥在ASP.NET应用程序中加密的值.句号.

No, what you were doing before depended on both applications sharing the same machine key, so that they both encrypt/decrypt in the same way. ASP.NET Core does not support the concept of machine keys and does not use them for encryption. Instead, it uses data protection providers. As such there is no possible way to decrypt a value in ASP.NET Core that was encrypted in an ASP.NET app based on machine key. Full stop.

也就是说，ASP.NET Core 中使用的数据保护提供程序概念可以在ASP.NET中使用，但这显然需要您更改当前设计以利用数据保护提供程序进行加密/decrypt，而不是您当前的方法.然后，假设在所有应用程序中都对提供程序进行了相同的配置，那么您将能够在ASP.NET Core中进行解密.也就是说，要求数据保护提供商使用的密钥环位于所有应用程序都可以访问的共享位置，并且所有应用程序都配置为使用相同的应用程序名称.

That said, the data protection provider concept used in ASP.NET Core can be used in ASP.NET, but that will obviously require you to change your current design to utilize data protection provider to encrypt/decrypt instead of your current methodology. Then, assuming that the provider is configured the same across all the apps, then you'll be able to decrypt in ASP.NET Core. Namely that requires that the keyring used by the data protection provider is in a shared location that all the apps can access, and that all the apps are configured to use the same application name.

请参考文档进行设置.该文档既适用于cookie共享又适用于身份验证，但这实际上是关于共享加密方案的，因此设置文档中提到的数据保护位就足够了.

Please refer to the documentation for how to set this up. The documentation is geared towards both cookie sharing and auth, but what this is really about it shared encryption schemes, so setting up data protection bits mentioned in the docs will be enough.

这篇关于Asp.Net Core中的FormsAuthentication解密的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！