jwt实现库:nimbus-jose-jwt
<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>nimbus-jose-jwt</artifactId>
<version>9.10</version>
</dependency>
官网:Connect2id
1.对称加密HMAC
package com.lyr.base.security.util;
import com.lyr.base.security.model.JwtUser;
import com.nimbusds.jose.*;
import com.nimbusds.jose.crypto.MACSigner;
import com.nimbusds.jose.crypto.MACVerifier;
import com.nimbusds.jose.shaded.json.JSONObject;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import java.text.ParseException;
import java.util.Date;
import java.util.List;
import java.util.UUID;
/**
* @author lyr
* @date: 2021-06-10 9:22
*/
public class JwtTokenUtil {
private static String md5String = "459534a9638940e49dd2b623e0de4692";
private static byte[] sharedSecret = md5String.getBytes();
private static String JWT_USER_KEY = "jwtUser";
private static long expirationTime = 600;
/**
* 根据JwtUser生成token
* @param jwtUser
* @return
* @throws JOSEException
*/
public static String createJwtToken(JwtUser jwtUser) throws JOSEException {
JWSSigner signer = new MACSigner(sharedSecret);
JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
.jwtID(UUID.randomUUID().toString().replace("-", ""))
.claim(JWT_USER_KEY, jwtUser)
.expirationTime(new Date(System.currentTimeMillis() + expirationTime * 1000))
.build();
SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claimsSet);
signedJWT.sign(signer);
return signedJWT.serialize();
}
/**
* 通过jwtToken获取JwtUser
* @param jwtToken
* @return
* @throws ParseException
* @throws JOSEException
*/
public static JwtUser getJwtUserByToken(String jwtToken) throws ParseException, JOSEException {
SignedJWT signedJWT = SignedJWT.parse(jwtToken);
boolean isValid = alertValid(signedJWT);
if(!isValid){
return null;
}
JSONObject claim = (JSONObject) signedJWT.getJWTClaimsSet().getClaim(JWT_USER_KEY);
long id = (long) claim.getAsNumber("id");
String nikeName = claim.getAsString("nikeName");
List<String> authoritys = (List<String>) claim.get("authoritys");
JwtUser jwtUser = new JwtUser().setId(id).setNikeName(nikeName).setAuthoritys(authoritys);
return jwtUser;
}
/**
* 验证令牌是否有效
* @param jwtToken
* @return
* @throws ParseException
* @throws JOSEException
*/
public static boolean isValid(String jwtToken) throws ParseException, JOSEException {
SignedJWT signedJWT = SignedJWT.parse(jwtToken);
boolean isValid =alertValid(signedJWT);
return isValid;
}
private static boolean alertValid(SignedJWT signedJWT) throws JOSEException, ParseException {
JWSVerifier verifier = new MACVerifier(sharedSecret);
boolean expire = new Date().before(signedJWT.getJWTClaimsSet().getExpirationTime());
return signedJWT.verify(verifier)&&expire;
}
/**
* 通过jwtToken获取jti
* @param jwtToken
* @return
* @throws ParseException
*/
public static String getJti(String jwtToken) throws ParseException {
SignedJWT signedJWT = SignedJWT.parse(jwtToken);
String jwtid = signedJWT.getJWTClaimsSet().getJWTID();
return jwtid;
}
/**
* 验证令牌是否正确
* @param jwtToken
* @return
* @throws ParseException
* @throws JOSEException
*/
public static boolean isVerifier(String jwtToken) throws ParseException, JOSEException {
SignedJWT signedJWT = SignedJWT.parse(jwtToken);
JWSVerifier verifier = new MACVerifier(sharedSecret);
return signedJWT.verify(verifier);
}
/**
* 验证令牌是否过期
* @param jwtToken
* @return
* @throws ParseException
*/
public static boolean isExpiration(String jwtToken) throws ParseException {
SignedJWT signedJWT = SignedJWT.parse(jwtToken);
return new Date().before(signedJWT.getJWTClaimsSet().getExpirationTime());
}
public static void main(String[] args) throws JOSEException, ParseException {
JwtUser jwtUser = new JwtUser().setId(123L).setNikeName("我是谁");
String jwtToken = JwtTokenUtil.createJwtToken(jwtUser);
System.out.println(jwtToken);
boolean valid = JwtTokenUtil.isValid(jwtToken);
System.out.println(valid);
System.out.println(JwtTokenUtil.isExpiration(jwtToken));
System.out.println(JwtTokenUtil.isVerifier(jwtToken));
System.out.println(JwtTokenUtil.getJti(jwtToken));
System.out.println(JwtTokenUtil.getJwtUserByToken(jwtToken));
}
}
jwtuser
package com.lyr.base.security.model;
import java.io.Serializable;
import java.util.List;
/**
* @author lyr
* @date: 2021-06-10 9:29
*/
public class JwtUser implements Serializable {
/**
* 用户id
*/
private Long id;
/**
* 用户昵称
*/
private String nikeName;
/**
* 用户权限
*/
private List<String> authoritys;
public Long getId() {
return id;
}
public JwtUser setId(Long id) {
this.id = id;
return this;
}
public String getNikeName() {
return nikeName;
}
public JwtUser setNikeName(String nikeName) {
this.nikeName = nikeName;
return this;
}
public List<String> getAuthoritys() {
return authoritys;
}[添加链接描述](https://blog.csdn.net/qq_28114159/article/details/107228467)
public JwtUser setAuthoritys(List<String> authoritys) {
this.authoritys = authoritys;
return this;
}
@Override
public String toString() {
return "JwtUser{" +
"id=" + id +
", nikeName='" + nikeName + '\'' +
", authoritys=" + authoritys +
'}';
}
}
2.非对称加密rsa
工具类后续封装
版权声明:本文为u013078871原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。