How to decrypt the id_token returned by IdentityServer

The cnblogs open API is built on IdentityServer. The code below redirects to the Authorization Server so that the logged-in user can grant authorization:

    public IActionResult Authorize()
    {
        var url = QueryHelpers.AddQueryString(
            "https://oauth.cnblogs.com/connect/authorize",
            new Dictionary<string, string>
            {
                ["client_id"] = _apiOptions.ClientId,
                ["scope"] = "openid profile CnBlogsApi offline_access",
                ["response_type"] = "code id_token",
                ["redirect_uri"] = _apiOptions.RedirectUri,
                ["state"] = "cnblogs open api",
                ["nonce"] = Guid.NewGuid().ToString(),
                ["response_mode"] = "form_post"
            });
        return Redirect(url);
    }

After authorization succeeds, the id_token is received:

    public IActionResult Callback(string code, string id_token, string scope, string state, string session_state)
    {
        return Content(id_token);
    }

How can this id_token be decrypted?

Answer

No decryption is needed, only decoding. I found the answer in Decode JWTs in C# for Authorization:

    var jwt = "(the JWT here)";
    var handler = new JwtSecurityTokenHandler();
    var token = handler.ReadJwtToken(jwt);

The code I tried:

    public IActionResult Callback(string code, string id_token, string scope, string state, string session_state)
    {
        var handler = new JwtSecurityTokenHandler();
        var token = handler.ReadJwtToken(id_token);
        return Content(token.Issuer);
    }

Note: the NuGet package System.IdentityModel.Tokens.Jwt must be installed.
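
ReadJwtToken only decodes the token; it does not check the signature, issuer, audience, expiry or nonce, so claims read this way should not be trusted for authentication decisions. The following is an added example, not code from the original post, contrasting decoding with ValidateToken on a tampered token. The RSA key, issuer, client id and nonce are constructed stand-ins; in a real client the signing keys come from the Authorization Server's discovery document and the nonce is the one sent in the authorize request.

```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Security.Cryptography;
using Microsoft.IdentityModel.Tokens;

public static class IdTokenDemo
{
    public static void Main()
    {
        // Constructed stand-ins for the server's signing key and the client's settings.
        using var rsa = RSA.Create(2048);
        var key = new RsaSecurityKey(rsa) { KeyId = "demo-key" };
        const string issuer = "https://issuer.example", clientId = "demo-client", nonce = "n-123";
        var handler = new JwtSecurityTokenHandler();
        var idToken = handler.WriteToken(new JwtSecurityToken(
            issuer, clientId,
            new[] { new Claim("sub", "alice"), new Claim("nonce", nonce) },
            expires: DateTime.UtcNow.AddMinutes(5),
            signingCredentials: new SigningCredentials(key, SecurityAlgorithms.RsaSha256)));

        // Tampered copy: replace the payload, keep the original header and signature.
        var parts = idToken.Split('.');
        var payload = Base64UrlEncoder.Encode("{\"sub\":\"admin\",\"iss\":\"" + issuer + "\"}");
        var forged = $"{parts[0]}.{payload}.{parts[2]}";

        // Decoding accepts the tampered token and returns its attacker-chosen subject.
        Console.WriteLine("Decoded subject: " + handler.ReadJwtToken(forged).Subject);

        var p = new TokenValidationParameters { ValidIssuer = issuer, ValidAudience = clientId, IssuerSigningKey = key };
        Console.WriteLine("Original validates: " + IsValid(handler, idToken, p, nonce));
        Console.WriteLine("Tampered validates: " + IsValid(handler, forged, p, nonce));
    }

    // Checks signature, issuer, audience and lifetime, then compares the nonce claim.
    static bool IsValid(JwtSecurityTokenHandler handler, string jwt, TokenValidationParameters p, string expectedNonce)
    {
        try
        {
            handler.ValidateToken(jwt, p, out var validated);
            return ((JwtSecurityToken)validated).Payload.Nonce == expectedNonce;
        }
        catch (Exception ex) when (ex is SecurityTokenException || ex is ArgumentException)
        {
            return false;
        }
    }
}
```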

The above is the full content of "How to decrypt the id_token returned by IdentityServer". Source link: www.h5w3.com/114457.html