gpt4 book ai didi

.net - 为什么我们有两个 JWT token 类 JwtSecurityTokenHandler 和 JsonWebTokenHandler?

转载 作者:行者123 更新时间:2023-12-04 01:33:20 24 4
gpt4 key购买 nike

它总是令人困惑,并且没有提及使用哪个更好,我个人更喜欢 JsonWebTokenHandler 因为它是更合适的 ValidateToken 返回类型

命名空间的区别是Microsoft.IdentityModel.JsonWebTokens vs System.IdentityModel.Tokens.Jwt,这也很相似?

任何可用的指导方针?

最佳答案

JsonWebTokenHandler 是新的和改进的版本。

见:https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/issues/945

布伦特施马尔茨写道:

JwtSecurityTokenHandler was modeled after the existing System.IdentityModel.SecurityTokenHandler. There were some compromises that we had to make, such as using System.Security.ClaimsIdentity as the type to build the JWS or JWE when using SecurityTokenDescriptor. ValidateToken had an out parameter of type SecurityToken, which doesn't for async. A ClaimsPrincipal was returned, sometimes using claim type mapping to build the claims. This model new model, is much lighter weight and works with native Json.Net objects. We plan on layering on top, so that you can get back to the existing types, but we will allow users to control what is returned using injection and delegates.

We saw performance improvements of up to 100% in some scenarios.

关于.net - 为什么我们有两个 JWT token 类 JwtSecurityTokenHandler 和 JsonWebTokenHandler?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/60455167/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com