Firebase身份validationasp.net核心

成功登录Firebase后,我们收到了JWT令牌。

为了向我的asp.net应用程序添加授权,我尝试将JwtBearerAuthentication添加到我的中间件。

我尝试了以下JwtBearerOptions: 

var options = new JwtBearerOptions { Audience = "myApp", Authority = "https://securetoken.google.com" }; 

  var options = new JwtBearerOptions { Audience = "myApp", Authority = "https://securetoken.google.com/myApp" };

不幸的是,这不起作用。 我的Auhtorityurl可能不正确。

有谁知道Auhtorityurl是否正确?

JWTvalidation需要手动: 源

以下代码validationFirebaseToken(JWT): 

  //Download certificates from google HttpClient client = new HttpClient(); var jsonResult = client.GetStringAsync("https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com").Result; //Convert JSON Result var x509Metadata = JObject.Parse(jsonResult) .Children() .Cast() .Select(i => new x509Metadata(i.Path, i.Value.ToString())); //Extract IssuerSigningKeys var issuerSigningKeys = x509Metadata.Select(s => s.X509SecurityKey); //Setup JwtTokenHandler var handler = new JwtSecurityTokenHandler(); SecurityToken token; handler.ValidateToken(user.FirebaseToken, new TokenValidationParameters { IssuerSigningKeys = issuerSigningKeys, ValidAudience = "myApp", ValidIssuer = "https://securetoken.google.com/myApp", IssuerSigningKeyResolver = (arbitrarily, declaring, these, parameters) => issuerSigningKeys }, out token); public class x509Metadata { public string KID { get; set; } public string Certificate { get; set; } public X509SecurityKey X509SecurityKey { get; set; } public x509Metadata(string kid, string certificate) { KID = kid; Certificate = certificate; X509SecurityKey = BuildSecurityKey(Certificate); } private X509SecurityKey BuildSecurityKey(string certificate) { //Remove : -----BEGIN CERTIFICATE----- & -----END CERTIFICATE----- var lines = certificate.Split('\n'); var selectedLines = lines.Skip(1).Take(lines.Length - 3); var key = string.Join(Environment.NewLine, selectedLines); return new X509SecurityKey(new X509Certificate2(Convert.FromBase64String(key))); } }
Interesting Posts

ASP.NET MVC Core / 6:多个提交按钮

在ASP.NET核心中注入IUrlHelper

dependency injectionUserManager正在处理异步调用(ASP.NET CORE)

asp.net 5.0 project.json中RavenDB.Client引用的问题

控制器错误“Microsoft.AspNetCore.Mvc.Rendering.SelectListItem”中的MVC Core SelectList下拉列表

.net Core 2.0文件上传大小限制

在旧版.NET平台上使用.NET Core包

dependency injection,注入参数

ASP.NET核心模型绑定错误消息本地化

在ASP.NET Core Web API中接收文件和其他表单数据(基于边界的请求解析)