Firebase身份validationasp.net核心
成功登录Firebase后,我们收到了JWT令牌。
为了向我的asp.net应用程序添加授权,我尝试将JwtBearerAuthentication添加到我的中间件。
我尝试了以下JwtBearerOptions:
var options = new JwtBearerOptions { Audience = "myApp", Authority = "https://securetoken.google.com" };
和
var options = new JwtBearerOptions { Audience = "myApp", Authority = "https://securetoken.google.com/myApp" };
不幸的是,这不起作用。 我的Auhtorityurl可能不正确。
有谁知道Auhtorityurl是否正确?
JWTvalidation需要手动: 源
以下代码validationFirebaseToken(JWT):
//Download certificates from google HttpClient client = new HttpClient(); var jsonResult = client.GetStringAsync("https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com").Result; //Convert JSON Result var x509Metadata = JObject.Parse(jsonResult) .Children() .Cast() .Select(i => new x509Metadata(i.Path, i.Value.ToString())); //Extract IssuerSigningKeys var issuerSigningKeys = x509Metadata.Select(s => s.X509SecurityKey); //Setup JwtTokenHandler var handler = new JwtSecurityTokenHandler(); SecurityToken token; handler.ValidateToken(user.FirebaseToken, new TokenValidationParameters { IssuerSigningKeys = issuerSigningKeys, ValidAudience = "myApp", ValidIssuer = "https://securetoken.google.com/myApp", IssuerSigningKeyResolver = (arbitrarily, declaring, these, parameters) => issuerSigningKeys }, out token); public class x509Metadata { public string KID { get; set; } public string Certificate { get; set; } public X509SecurityKey X509SecurityKey { get; set; } public x509Metadata(string kid, string certificate) { KID = kid; Certificate = certificate; X509SecurityKey = BuildSecurityKey(Certificate); } private X509SecurityKey BuildSecurityKey(string certificate) { //Remove : -----BEGIN CERTIFICATE----- & -----END CERTIFICATE----- var lines = certificate.Split('\n'); var selectedLines = lines.Skip(1).Take(lines.Length - 3); var key = string.Join(Environment.NewLine, selectedLines); return new X509SecurityKey(new X509Certificate2(Convert.FromBase64String(key))); } }
- .Net Core 1.1中的传递引用
- 如何在ASP.NET 5中修复CS0433错误?
- Asp.net Core Post参数始终为null
- 使用RequireHttpsAttribute ASP.NET Core的HTTP错误310 ERR_TOO_MANY_REDIRECTS
- Dot Net Entity Framework数据库更新不会在mysql数据库中创建表
- 如何将服务配置传递给Xunit项目测试控制器?
- 未指定authenticationScheme,并且未找到DefaultChallengeScheme Cookies身份validation
- asp.net核心中的TempData null
- 无法获取DbContext的reflection类型