gateway/HuiXin.Gateway.Ocelot/Extensions/JWTExtensions.cs

using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;

namespace HuiXin.Gateway.Ocelot.Extensions
{
    public static class JWTExtensions
    {
        public static IServiceCollection AddJWT(this IServiceCollection services, IConfiguration configuration)
        {
            services.AddAuthentication(options =>
            {
                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            }).AddJwtBearer(configuration.GetValue<string>("AuthenticationScheme") ?? throw new Exception("jwt的参数AuthenticationScheme未配置，请在jwt.json文件中配置"), options =>
            {
                //options.Authority = cfgJwt.GetValue<string>("Authority"); // OpenIddict服务端地址
                //options.BackchannelTimeout = TimeSpan.FromMilliseconds(300);
                options.RequireHttpsMetadata = false;
                options.Audience = configuration.GetValue<string>("Audience"); // 与OpenIddict中定义的Audience匹配
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuerSigningKey = false,
                    IssuerSigningKey = new SymmetricSecurityKey(Convert.FromBase64String(configuration.GetValue<string>("IssuerSigningKeyBase64") ?? throw new Exception("jwt的参数IssuerSigningKeyBase64未配置，请在jwt.json文件中配置"))),
                    ValidateIssuer = false,
                    //ValidIssuer = "YOUR_ISSUER",
                    ValidateAudience = false,
                    //ValidAudience = "YOUR_AUDIENCE",
                    ValidateLifetime = true,
                    // 忽略 kid 参数
                    ValidateTokenReplay = false,
                };
            });
            services.AddAuthorization();

            return services;
        }

        public static IApplicationBuilder UseJWT(this WebApplication app)
        {
            app.UseAuthentication();
            app.UseAuthorization();

            return app;
        }
    }
}
初始化 10 months ago			`using Microsoft.AspNetCore.Authentication.JwtBearer;`
			`using Microsoft.IdentityModel.Tokens;`

			`namespace HuiXin.Gateway.Ocelot.Extensions`
			`{`
			`public static class JWTExtensions`
			`{`
			`public static IServiceCollection AddJWT(this IServiceCollection services, IConfiguration configuration)`
			`{`
			`services.AddAuthentication(options =>`
			`{`
			`options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;`
			`options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;`
			`}).AddJwtBearer(configuration.GetValue<string>("AuthenticationScheme") ?? throw new Exception("jwt的参数AuthenticationScheme未配置，请在jwt.json文件中配置"), options =>`
			`{`
			`//options.Authority = cfgJwt.GetValue<string>("Authority"); // OpenIddict服务端地址`
			`//options.BackchannelTimeout = TimeSpan.FromMilliseconds(300);`
			`options.RequireHttpsMetadata = false;`
			`options.Audience = configuration.GetValue<string>("Audience"); // 与OpenIddict中定义的Audience匹配`
			`options.TokenValidationParameters = new TokenValidationParameters`
			`{`
			`ValidateIssuerSigningKey = false,`
			`IssuerSigningKey = new SymmetricSecurityKey(Convert.FromBase64String(configuration.GetValue<string>("IssuerSigningKeyBase64") ?? throw new Exception("jwt的参数IssuerSigningKeyBase64未配置，请在jwt.json文件中配置"))),`
			`ValidateIssuer = false,`
			`//ValidIssuer = "YOUR_ISSUER",`
			`ValidateAudience = false,`
			`//ValidAudience = "YOUR_AUDIENCE",`
			`ValidateLifetime = true,`
			`// 忽略 kid 参数`
			`ValidateTokenReplay = false,`
			`};`
			`});`
			`services.AddAuthorization();`

			`return services;`
			`}`

			`public static IApplicationBuilder UseJWT(this WebApplication app)`
			`{`
			`app.UseAuthentication();`
			`app.UseAuthorization();`

			`return app;`
			`}`
			`}`
			`}`