java JWT 生成和解析token

采用 io.jsonwebtoken 版

导入maven

        <dependency>
            <groupId>io.jsonwebtoken</groupId>
            <artifactId>jjwt</artifactId>
            <version>0.7.0</version>
        </dependency>

 

工具类

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import org.apache.commons.lang3.time.DateUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.DatatypeConverter;
import java.security.Key;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;


public class JWT {

    private static Logger log = LoggerFactory.getLogger(JWT.class);

    private static String KEY = "eyJhbGciOiJIUzI1NiJ9eyJ0aW1lcyI6MTY1ODEyNDQ0NjcwNywiZXhwIjoxNjU4MTI1MDQ2fQ1MybAL79Mm6Y7BRCg0fWrMqSJPTfjGKR6EJ6hiuhoF0";

    //该方法使用HS256算法和Secret:bankgl生成signKey
    private static Key getKeyInstance( ) {
        //We will sign our JavaWebToken with our ApiKey secret
        SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
        byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(KEY);
        Key signingKey = new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getJcaName( ));
        return signingKey;
    }

    //使用HS256签名算法和生成的signingKey最终的Token,claims 中是有效载荷
    public static String createJavaWebToken(Map< String, Object > claims, Date endtime) {
        return Jwts.builder( ).setClaims(claims).setExpiration(endtime).signWith(SignatureAlgorithm.HS256, getKeyInstance( )).compact( );
    }

    //解析Token,同时也能验证Token,当验证失败返回null
    public static Map< String, Object > parserJavaWebToken(String token) {
        try {
            Map< String, Object > jwtClaims =
                    Jwts.parser( ).setSigningKey(getKeyInstance( )).parseClaimsJws(token).getBody( );
            return jwtClaims;
        } catch (Exception e) {
            //时间到了就直接报错了
            log.error("json web token verify failed");
            return null;
        }
    }

    public static Claims parserJavaWebTokenc(String jwt) {
        try {
            Claims jwtClaims =
                    Jwts.parser( ).setSigningKey(getKeyInstance( )).parseClaimsJws(jwt).getBody( );
            return jwtClaims;
        } catch (Exception e) {
            log.error("json web token verify failed");
            return null;
        }
    }

    public static long getUidByToken(String token) {
        try {
            Map< String, Object > map = parserJavaWebToken(token);
            if (map != null) {
                return Long.valueOf(String.valueOf(map.get("uid")));
            } else {
                return -1;
            }
        } catch (NumberFormatException e) {
            e.printStackTrace( );
        }
        return -1;
    }

    public static void main(String[] args) {
        HashMap<String, Object> map = new HashMap<>();
        map.put("id","3");
        map.put("user","张三");

        String javaWebToken = createJavaWebToken(map, DateUtils.addMinutes(new Date(), 1));
        System.err.println(javaWebToken);

        Map<String, Object> maps = parserJavaWebToken(javaWebToken);
        System.err.println(maps.get("id"));
        System.err.println(maps.get("user"));

    }

}

 

 

更多方法:https://github.com/jwtk/jjwt#asymmetric-keys

posted @ 2020-10-29 19:27  lanwf  阅读(8018)  评论(0编辑  收藏  举报