在ServiceStack中,我正在使用JwtAuthProvider,其中我获得了Bearer令牌和Refresh令牌,那么我如何验证令牌并授权Web API服务? 代码:
这里,“jwtToken”值有什么用途呢?用户已经被授权和认证,我不明白为什么需要这个令牌?
有人可以建议我如何利用该令牌吗? JWT配置:
var client = new JsvServiceClient(ListeningOn) { UserName = "tuser", Password = "password" };
client.Send<AssignRolesResponse>(new AssignRoles
{
UserName = "tuser",
Roles = new ArrayOfString("TestRole"),
Permissions = new ArrayOfString("GetStatus")
});
var jwtToken = client.Send(new Authenticate()).BearerToken;
这里,“jwtToken”值有什么用途呢?用户已经被授权和认证,我不明白为什么需要这个令牌?
有人可以建议我如何利用该令牌吗? JWT配置:
this.Plugins.Add(new AuthFeature(() => new AuthUserSession(),
new IAuthProvider[]
{
new JwtAuthProvider(AppSettings) {
RequireSecureConnection = false,
AuthKey = AesUtils.CreateKey(),
//CreatePayloadFilter = (payload,session) =>
// payload["CreatedAt"] = session.CreatedAt.ToUnixTime().ToString(),
CreatePayloadFilter = (jwtPayload, session) =>
jwtPayload["exp"] = DateTime.UtcNow.AddSeconds(-1).ToUnixTime().ToString()
},
new CredentialsAuthProvider(AppSettings),
new BasicAuthProvider()
}));