问题
I am facing the problem with JWT Authentication in ASP.Net Core. The scenario looks following:
- I have a ASP.NET Core Web API, let's call it 'API A'. It is resonsible for generating JWT Token to user who provide correct login/password, then token is generating.
- I have second ASP.NET Core Web Api, called 'API B' which returns some data from database. I would like to be able to use JWT token, generated by 'API A' to authorize access to data from 'API B'.
Is it possible to achieve it by using JwtBarear Authentication?
Thanks for any tips!
回答1:
Yes, you could generate the JWT token for the authentication on multiple services, you need to save this token in a database->table having authentication details( user_id, device, auth_token etc.), get and reuse the same token to authenticate user until that token doesn't get expired.
Regenerate and update token in the table if expired.
回答2:
Is it possible to achieve it by using JwtBarear Authentication?
That's even intended purpose of the JWT tokens. You could use the token to authenticate with any service (B, C, D) which trust the identity provider A.
Each service must validate the JWT token (expiration, signature, ..) even without storing the token in any database assuming the JWT token contains all necessary information to ensure identity and validity.
回答3:
The title of your question mentions many services, but in your question you only talk about two.
Please note that JWT tokens typically have an audiences claim (aud) which indicates what services the tokens is issued for. When you're validating the token, make sure that the aud claim contains the identifier for your service.
来源:https://stackoverflow.com/questions/49569433/one-jwt-token-for-many-services