java JWT 生成和解析token
采用 io.jsonwebtoken 版
导入maven
<dependency> <groupId>io.jsonwebtoken</groupId> <artifactId>jjwt</artifactId> <version>0.7.0</version> </dependency>
工具类
import io.jsonwebtoken.Claims; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; import org.apache.commons.lang3.time.DateUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import javax.crypto.spec.SecretKeySpec; import javax.xml.bind.DatatypeConverter; import java.security.Key; import java.util.Date; import java.util.HashMap; import java.util.Map; public class JWT { private static Logger log = LoggerFactory.getLogger(JWT.class); private static String KEY = "eyJhbGciOiJIUzI1NiJ9eyJ0aW1lcyI6MTY1ODEyNDQ0NjcwNywiZXhwIjoxNjU4MTI1MDQ2fQ1MybAL79Mm6Y7BRCg0fWrMqSJPTfjGKR6EJ6hiuhoF0"; //该方法使用HS256算法和Secret:bankgl生成signKey private static Key getKeyInstance( ) { //We will sign our JavaWebToken with our ApiKey secret SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256; byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(KEY); Key signingKey = new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getJcaName( )); return signingKey; } //使用HS256签名算法和生成的signingKey最终的Token,claims 中是有效载荷 public static String createJavaWebToken(Map< String, Object > claims, Date endtime) { return Jwts.builder( ).setClaims(claims).setExpiration(endtime).signWith(SignatureAlgorithm.HS256, getKeyInstance( )).compact( ); } //解析Token,同时也能验证Token,当验证失败返回null public static Map< String, Object > parserJavaWebToken(String token) { try { Map< String, Object > jwtClaims = Jwts.parser( ).setSigningKey(getKeyInstance( )).parseClaimsJws(token).getBody( ); return jwtClaims; } catch (Exception e) { //时间到了就直接报错了 log.error("json web token verify failed"); return null; } } public static Claims parserJavaWebTokenc(String jwt) { try { Claims jwtClaims = Jwts.parser( ).setSigningKey(getKeyInstance( )).parseClaimsJws(jwt).getBody( ); return jwtClaims; } catch (Exception e) { log.error("json web token verify failed"); return null; } } public static long getUidByToken(String token) { try { Map< String, Object > map = parserJavaWebToken(token); if (map != null) { return Long.valueOf(String.valueOf(map.get("uid"))); } else { return -1; } } catch (NumberFormatException e) { e.printStackTrace( ); } return -1; } public static void main(String[] args) { HashMap<String, Object> map = new HashMap<>(); map.put("id","3"); map.put("user","张三"); String javaWebToken = createJavaWebToken(map, DateUtils.addMinutes(new Date(), 1)); System.err.println(javaWebToken); Map<String, Object> maps = parserJavaWebToken(javaWebToken); System.err.println(maps.get("id")); System.err.println(maps.get("user")); } }
更多方法:https://github.com/jwtk/jjwt#asymmetric-keys
本文来自博客园,作者:lanwf,转载请注明原文链接:https://www.cnblogs.com/lccsdncnblogs/p/13898727.html