我第一次实现基于JWT的身份验证,并且基于在网上找到的一些资源来实现我的实现。我想知道,jwt的秘密定义为:
"JwtConfig": {
"secret": "pma_secret_2019_2020",
"durationInMinutes": 1440,
"issuer": "localhost:5001"
}
现在我对这段代码有疑问:
var symmetricKey = new SymmetricSecurityKey(
Encoding.UTF8.GetBytes(_secret)
);
var signinCredentials =
new SigningCredentials(symmetricKey, SecurityAlgorithms.Sha256);
var expirationDate = DateTime.Now.AddMinutes(_durationInMinutes);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = expirationDate,
SigningCredentials = signinCredentials
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
创建令牌抛出以下异常:
System.NotSupportedException: IDX10634: Unable to create the SignatureProvider.
Algorithm: 'System.String', SecurityKey: 'Microsoft.IdentityModel.Tokens.SymmetricSecurityKey'
is not supported.
有人可以解释为什么我不断收到此错误吗?它与机密,字符或其他内容的大小有关吗?
更改安全算法至SecurityAlgorithms.HmacSha256Signature