如何通过 SecurityTokenDescriptor 和 ClaimsIdentity 的帮助在 jwt 创建期间添加 auth_time 声明

Question

我正在通过以下代码创建我的 jwt。我需要的是 auth_time 声明，类似于

   "nbf": 1582109929,
  "exp": 1582110229,
  "iat": 1582109929,

但我不知道如何以上述格式分配时间值或以任何方式自动添加类似 iat 的声明

public string GetIdTokenString(Dictionary<string, object> inputClaims, string secret)
    {
        string result = null;
        try
        {
            var tokenHandler = new JwtSecurityTokenHandler();
            var key = Encoding.ASCII.GetBytes(secret);

            List<Claim> claims = new List<Claim>();
            foreach (var o in inputClaims)
            {
                string val = null;
                if (o.Value != null)
                {
                    Type t = o.Value.GetType();
                    bool isDict = t.IsGenericType /*&& t.GetGenericTypeDefinition() == typeof(Dictionary<,>)*/;
                    if (isDict)
                    {
                        val = JsonSerializer.Serialize(o.Value);
                    }
                    else
                    {
                        val = o.Value.ToString();
                    }
                }
                claims.Add(new Claim(o.Key, val));
            }
            claims.Add(new Claim("sub", Guid.NewGuid().ToString()));          

            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new ClaimsIdentity(claims),
                Expires = DateTime.Now.AddSeconds(60 * 5),
                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature),
                Audience = ObjInitialRequest.JwtData.ContainsKey("client_id") ? ObjInitialRequest.JwtData["client_id"] : null,
                Issuer = "...",//from well known configuration issuer
            };              
            var token = tokenHandler.CreateToken(tokenDescriptor);
            if (token != null && token is JwtSecurityToken)
            {
                result = (token as JwtSecurityToken).RawData;
            }
        }
        catch (Exception ex)
        {
            //Logger    
        }
        return result;
    }

Answer 1

我可以像下面这样添加它

new Claim("auth_time", ((int)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc)).TotalSeconds).ToString(), ClaimValueTypes.Integer)

Answer 2

一个短代码

new Claim("auth_time", DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString(),ClaimValueTypes.Integer)

如何通过 SecurityTokenDescriptor 和 ClaimsIdentity 的帮助在 jwt 创建期间添加 auth_time 声明

How to Add auth_time claim in during jwt creation via help of SecurityTokenDescriptor and ClaimsIdentity

jwt

.net-core-3.1