错误试图生成令牌使用.NET库的智威汤逊 [英] Error trying to generate token using .NET JWT library

查看:207
本文介绍了错误试图生成令牌使用.NET库的智威汤逊的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我试图用包System.IdentityModel.Tokens.Jwt生成的令牌。我发现一些代码示例在线,是非常简单的,但后来我运行到,我想不出一个错误。以下是我正在使用的代码(已为简洁起见稍作修改):

I'm trying to use package System.IdentityModel.Tokens.Jwt to generate a token. I found some code samples online, was pretty straightforward, but then I'm running into an error that I can't figure out. Here's the code I'm using (has been modified slightly for brevity):

<%@ Application Language="C#" %>
<%@ Import Namespace="System" %>
<%@ Import Namespace="System.Text" %>
<%@ Import Namespace="System.Reflection" %>
<%@ Import Namespace="System.Collections" %>
<%@ Import Namespace="System.IdentityModel.Tokens" %>
<%@ Import Namespace="System.IdentityModel.Tokens.Jwt" %>
<%@ Import Namespace="System.Security.Claims" %>
<%@ Import Namespace="System.IdentityModel.Protocols.WSTrust" %>

<script runat="server">
    public class TestClass
    {
        public static string GetJwtToken()
        {
            var tokenHandler = new JwtSecurityTokenHandler();
            var input = "anyoldrandomtext";
            var securityKey = new byte[input.Length * sizeof(char)];
            Buffer.BlockCopy(input.ToCharArray(), 0, securityKey, 0, securityKey.Length);
            var now = DateTime.UtcNow;
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new ClaimsIdentity(new[]
                {
                new Claim( ClaimTypes.UserData,
                "IsValid", ClaimValueTypes.String, "(local)" )
              }),
                TokenIssuerName = "self",
                AppliesToAddress = "https://www.mywebsite.com",
                Lifetime = new Lifetime(now, now.AddMinutes(60)),
                SigningCredentials = new SigningCredentials(new InMemorySymmetricSecurityKey(securityKey),
                  "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256",
                  "http://www.w3.org/2001/04/xmlenc#sha256"),
            };

            var token = tokenHandler.CreateToken(tokenDescriptor);
            var tokenString = tokenHandler.WriteToken(token);

            return tokenString;
        }
    }
</script>



我不断收到以下错误在行113(VAR令牌= tokenHandler.CreateToken(tokenDescriptor);)

I keep getting the following error at line 113 (var token = tokenHandler.CreateToken(tokenDescriptor);):

参数1:无法从System.IdentityModel.Tokens.SecurityTokenDescriptor'转换为'Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor

不过,我已经看到了很多例子网上做的事情正是我所做的这些。我也遇到了这篇文章( https://开头MSDN .microsoft.com / EN-US /库/ jj157089(v = vs.110)的.aspx ),指出以下:

But I've seen many examples online doing things exactly as I've done them. I also ran into this article (https://msdn.microsoft.com/en-us/library/jj157089(v=vs.110).aspx) that states the following:

在WIF 3.5中,所有的WIF类载于
Microsoft.IdentityModel组装
(microsoft.identitymicrosoft.identitymodel.dll)。在WIF 4.5中,WIF
类已拆分跨越以下组件:mscorlib程序
(mscorlib.dll中),System.IdentityModel(System.IdentityModel.dll),
System.IdentityModel.Services (System.IdentityModel.Services.dll)和
System.ServiceModel(System.ServiceModel.dll)。

In WIF 3.5, all of the WIF classes were contained in the Microsoft.IdentityModel assembly (microsoft.identitymicrosoft.identitymodel.dll). In WIF 4.5, the WIF classes have been split across the following assemblies: mscorlib (mscorlib.dll), System.IdentityModel (System.IdentityModel.dll), System.IdentityModel.Services (System.IdentityModel.Services.dll), and System.ServiceModel (System.ServiceModel.dll).

WIF 3.5类都包含在一个的
Microsoft.IdentityModel命名空间;例如,
Microsoft.IdentityModel,Microsoft.IdentityModel.Tokens,
Microsoft.IdentityModel.Web,等等。在WIF 4.5中,WIF类
正在蔓延整个System.IdentityModel命名空间中,
System.Security.Claims命名空间和System.ServiceModel.Security
命名空间。除了本次重组,一些WIF 3.5类
有WIF 4.5被删除。

The WIF 3.5 classes were all contained in one of the Microsoft.IdentityModel namespaces; for example, Microsoft.IdentityModel, Microsoft.IdentityModel.Tokens, Microsoft.IdentityModel.Web, and so on. In WIF 4.5, the WIF classes are now spread across the System.IdentityModel namespaces, the System.Security.Claims namespace, and the System.ServiceModel.Security namespace. In addition to this reorganization, some WIF 3.5 classes have been dropped in WIF 4.5.

我试调试着想切换到使用Microsoft *命名为SecurityTokenDescriptor,然后我再弄一系列错误说TokenIssuerName,AppliesToAddress和寿命都没有该类有效属性。然而,当我在文档看网上,好像做Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor存在这些属性。然而,在我的Visual Studio中,当我转到定义为类,他们不存在,导致我相信,在我的Visual Studio某种配置问题。在我的包管理器,它显示我已经安装了Microsoft.IdentityModel.Tokens V5.0.0。我也改变了项目到.NET Framework 4.5.1自JWT库需要它。除此之外,我不知道还有什么地方找。

I tried for debugging sake to switch to use the Microsoft.* namespace for the SecurityTokenDescriptor, and then I get another series of errors saying TokenIssuerName, AppliesToAddress, and Lifetime aren't valid properties for that class. Yet when I look at the docs online, seems like those properties do exist on Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor. Yet in my Visual Studio, when I do Go to Definition for that class, they're not there, leading me to believe that there's some kind of configuration issue in my Visual Studio. In my package manager, it shows I have Microsoft.IdentityModel.Tokens v5.0.0 installed. I also changed the project to .NET framework 4.5.1 since the JWT library requires it. Beyond that, I don't know where else to look.

推荐答案

我跑进与OpenID连接库时有类似的情况我升级,而此前是在 Microsoft.IdentityModel.Protocol.Extensions 包(这取决于JWT包4.0.2),但现在是 Microsoft.IdentityModel.Protocols.OpenIdConnect 取决于 Microsoft.IdentityModel.Protocols 的2.0.0(这依赖于智威汤逊包5.0.0 )。

I ran into a similar situation with the OpenID Connect library when I upgraded, which previously was in the Microsoft.IdentityModel.Protocol.Extensions package (which depended on 4.0.2 of the JWT package) but now is Microsoft.IdentityModel.Protocols.OpenIdConnect which depends on 2.0.0 of Microsoft.IdentityModel.Protocols (which depends on 5.0.0 of the JWT package).

删除您的任何 Microsoft.IdentityModel * System.IdentityModel * 包,只有安装最新版本(5.0.0) System.IdentityModel.Tokens.Jwt 包依赖于微软。 。IdentityModel.Tokens

Remove any of your Microsoft.IdentityModel* and System.IdentityModel* packages, and install only the latest (5.0.0) System.IdentityModel.Tokens.Jwt package which depends on Microsoft.IdentityModel.Tokens.

您会希望使用语句为这些命名空间:

You'll want using statements for these namespaces:


  • Microsoft.IdentityModel.Tokens(但不是System.IdentityModel.Tokens)

  • System.IdentityModel.Tokens.Jwt

  • System.Security.Claims

微软简化了一些参数更像你会从其他平台的智威汤逊库期待什么,因此 SecurityTokenDescriptor 属性有一点不同:

Microsoft has simplified some of the parameters to be more like what you would expect from other platforms' JWT libraries, so the SecurityTokenDescriptor properties are a little different:

var tokenDescriptor = new SecurityTokenDescriptor
{
    Subject = new ClaimsIdentity(new[]
    {
        new Claim( ClaimTypes.UserData,
        "IsValid", ClaimValueTypes.String, "(local)" )
    }),
    Issuer = "self",
    Audience = "https://www.mywebsite.com",
    Expires = now.AddMinutes(60),
    SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(securityKey), SecurityAlgorithms.HmacSha256),
};



注意 SecurityAlgorithms.HmacSha256 是一个字符串常数HS256,就像你在大多数其他图书馆使用。使用上面的代码加在你的问题的例子,你应该能产生一个有效的JWT。

Note that SecurityAlgorithms.HmacSha256 is a string constant for "HS256", just like you'd use in most other libraries. Using the above code plus the example in your question, you should be able to generate a valid JWT.

这篇关于错误试图生成令牌使用.NET库的智威汤逊的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
C#/.NET最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆