这是Linqpad中JwtSecurityTokenHandler 4.0.0的简化测试.该代码适用于JwtSecurityTokenHandler 3.0.2,生成并验证了令牌.在4.0.0中,经过必要的更改后,我不断收到SecurityTokenSignatureKeyNotFoundException:IDX10500:签名验证失败.无法解析SecurityKeyIdentifier.显然有些事情发生了变化,或者我做错了什么,新版本更严格.有什么建议?
string jwtIssuer = "issuer";
string jwtAudience = "audience";
X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly);
X509Certificate2 cert = store.Certificates.OfType<X509Certificate2>().FirstOrDefault( c => c.SubjectName.Name.Equals("CN=DEV_CERT", StringComparison.OrdinalIgnoreCase));
store.Close();
// Token generation and signing
X509SigningCredentials signingCredentials = new X509SigningCredentials(cert);
JwtSecurityTokenHandler jwtHandler = new JwtSecurityTokenHandler();
IList<System.Security.Claims.Claim> payloadClaims = new List<System.Security.Claims.Claim>() {
new System.Security.Claims.Claim(System.Security.Claims.ClaimTypes.Name , "name"),
};
#if JWT302
Lifetime lifetime = new Lifetime(DateTime.UtcNow, DateTime.UtcNow.AddSeconds(24*60*60));
JwtSecurityToken jwt = new JwtSecurityToken( jwtIssuer, jwtAudience, payloadClaims, lifetime, signingCredentials);
#else
JwtSecurityToken jwt = new JwtSecurityToken( jwtIssuer, jwtAudience, payloadClaims, …