Springboot 使用jwt

关于jwt

 

<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.1</version>
</dependency>

配置 key
private static final String SALT = "0142add7c2664198863943f24bf4b8b9";

private static Key getKeyInstance() {
SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
String apiKey = DatatypeConverter.printBase64Binary(SALT.getBytes());
byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(apiKey);
Key signingKey = new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getJcaName());
return signingKey;
}

生成token
public static String createJavaWebToken4JwtAuth(Map<String, Object> claims) {
logger.info("生成的token为开始");
String toekn = Jwts.builder().setClaims(claims).setExpiration(DateUtil.addSeconds(new Date(), 50))
.signWith(SignatureAlgorithm.HS256, getKeyInstance()).compact();
logger.info("生成的token为：" + toekn);
return toekn;
}
其中 官方Payload 中的属性都有对应api来配置，🌰中配置了 .setExpiration(DateUtil.addSeconds(new Date(), 50))

获取body部分
public static Map<String, Object> verifyJavaWebToken(String jwt) {
try {
Map<String, Object> jwtClaims =
Jwts.parser().setSigningKey(getKeyInstance()).parseClaimsJws(jwt).getBody();
return jwtClaims;
} catch (Exception e) {
logger.info(e.getMessage());
return null;
}
}
当当前时间超过配置的过期时间时，会后抛出异常

校验有效性方法
public static boolean isTokenEffect(String jwt) {
if (StringUtils.isEmpty(jwt)) {
return false;
}
Map<String, Object> claims = verifyJavaWebToken(jwt);
if (null == claims) {
logger.info("转换jwt失败！");
return false;
}
return true;
}
使用
public static void main(String[] args) {

Map<String, Object> paramMap = new HashMap<>();
paramMap.put("username", "大西瓜");
paramMap.put("dept", "冬西瓜地");
String tokens = JwtUtil.createJavaWebToken4JwtAuth(paramMap);
System.out.println(tokens);
System.out.println(isTokenEffect(tokens));

}