jwt 验证方法 (ASP.NET Core)

一、安装包

  <ItemGroup>
    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.18" />
  </ItemGroup>

二、实现，生成secretKey和jwtToken，可以在线生成

JWT在线解码/编码工具 - 解析、验证、生成JSON Web Token

Program.cs

using System.Security.Claims;

var secretKey = "50nZpLVvKQ1WYkhSCTiO3LvdCr0G8hcaQF4pUIkOJNfvBFiMKvI4zXnWTPkDsel7QH3vtfF224kKFe84IFalDQ==";
var jwtToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNzUzNDUwMDMwLCJuYmYiOjE3NTM0NTAwMzAsImV4cCI6MTc1MzQ1MzYzMH0.tCkEzCh6N6XU9_YQ7manDo3zr2_Xz3wIWNfYqqKdDQI";

var validator = new JwtValidator(secretKey);
var principal = validator.ValidateToken(jwtToken);

if (principal != null)
{
    Console.WriteLine("Token is valid!");
    Console.WriteLine($"Subject: {principal.FindFirst(ClaimTypes.NameIdentifier)?.Value}");
    Console.WriteLine($"Name: {principal.FindFirst(ClaimTypes.Name)?.Value}");
}
else
{
    Console.WriteLine("Token is invalid!");
}

添加类：JwtValidator.cs

using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;

public class JwtValidator
{
    private readonly string _secretKey;
    private readonly string _issuer;
    private readonly string _audience;

    public JwtValidator(string secretKey, string issuer = null, string audience = null)
    {
        _secretKey = secretKey;
        _issuer = issuer;
        _audience = audience;
    }

    public ClaimsPrincipal ValidateToken(string token)
    {
        try
        {
            var tokenHandler = new JwtSecurityTokenHandler();
            var key = Encoding.ASCII.GetBytes(_secretKey);

            var validationParameters = new TokenValidationParameters
            {
                ValidateIssuerSigningKey = true,
                IssuerSigningKey = new SymmetricSecurityKey(key),
                ValidateIssuer = !string.IsNullOrEmpty(_issuer),
                ValidIssuer = _issuer,
                ValidateAudience = !string.IsNullOrEmpty(_audience),
                ValidAudience = _audience,
                ValidateLifetime = true,
                ClockSkew = TimeSpan.Zero
            };

            SecurityToken validatedToken;
            return tokenHandler.ValidateToken(token, validationParameters, out validatedToken);
        }
        catch (SecurityTokenException ex)
        {
            // Token 验证失败
            Console.WriteLine($"Token validation failed: {ex.Message}");
            return null;
        }
        catch (Exception ex)
        {
            // 其他异常
            Console.WriteLine($"Error validating token: {ex.Message}");
            return null;
        }
    }

  
}