java开发jwt示例
pom文件引入
<dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-databind</artifactId> <version>2.15.1</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-core</artifactId> <version>2.15.1</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-annotations</artifactId> <version>2.15.1</version> </dependency> <dependency> <groupId>com.auth0</groupId> <artifactId>java-jwt</artifactId> <version>4.4.0</version> </dependency>
ras生成工具类
import java.security.spec.InvalidKeySpecException; import java.util.Base64; import javax.crypto.Cipher; import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; /** * Java RSA 加密工具类 * */ public class RSAUtils { /** * 密钥长度 于原文长度对应 以及越长速度越慢 */ private final static int KEY_SIZE = 1024; public static KeyPair createKeyPair(int size) throws NoSuchAlgorithmException { // KeyPairGenerator类用于生成公钥和私钥对,基于RSA算法生成对象 KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA"); // 初始化密钥对生成器 keyPairGen.initialize(Math.max(size, KEY_SIZE), new SecureRandom()); // 生成一个密钥对,保存在keyPair中 KeyPair keyPair = keyPairGen.generateKeyPair(); return keyPair; } /** * 随机生成密钥对 */ public static String[] genKeyPair(int size) throws NoSuchAlgorithmException { KeyPair keyPair = createKeyPair(size); // 得到私钥 RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate(); // 得到公钥 RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); String publicKeyString = Base64.getEncoder().encodeToString(publicKey.getEncoded()); // 得到私钥字符串 String privateKeyString = Base64.getEncoder().encodeToString(privateKey.getEncoded()); // 将公钥和私钥保存到Map return new String[]{publicKeyString, privateKeyString}; } public static RSAPublicKey toRSAPublicKey (String publicKey) throws NoSuchAlgorithmException, InvalidKeySpecException { byte[] decoded = Base64.getDecoder().decode(publicKey); return (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(decoded)); } public static RSAPrivateKey toRSAPrivateKey (String privateKey) throws NoSuchAlgorithmException, InvalidKeySpecException { byte[] decoded = Base64.getDecoder().decode(privateKey); return (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded)); } /** * RSA公钥加密 * * @param str 加密字符串 * @param publicKey 公钥 * @return 密文 * @throws Exception 加密过程中的异常信息 */ public static String encrypt(String str, String publicKey) throws Exception { //base64编码的公钥 byte[] decoded = Base64.getDecoder().decode(publicKey); RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(decoded)); //RSA加密 Cipher cipher = Cipher.getInstance("RSA"); cipher.init(Cipher.ENCRYPT_MODE, pubKey); String outStr = Base64.getEncoder().encodeToString(cipher.doFinal(str.getBytes("UTF-8"))); return outStr; } /** * RSA私钥解密 * * @param str 加密字符串 * @param privateKey 私钥 * @return 明文 * @throws Exception 解密过程中的异常信息 */ public static String decrypt(String str, String privateKey) throws Exception { //64位解码加密后的字符串 byte[] inputByte = Base64.getDecoder().decode(str); //base64编码的私钥 byte[] decoded = Base64.getDecoder().decode(privateKey); RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded)); //RSA解密 Cipher cipher = Cipher.getInstance("RSA"); cipher.init(Cipher.DECRYPT_MODE, priKey); String outStr = new String(cipher.doFinal(inputByte)); return outStr; } }
示例
import com.auth0.jwt.JWT; import com.auth0.jwt.algorithms.Algorithm; import com.auth0.jwt.interfaces.DecodedJWT; import com.auth0.jwt.interfaces.JWTVerifier; import com.example.demo.util.RSAUtils; import org.junit.jupiter.api.Test; import java.security.NoSuchAlgorithmException; import java.time.Instant; import java.time.temporal.ChronoUnit; import java.util.Arrays; public class JWTTest { String[] keys; { try { keys = RSAUtils.genKeyPair(1024); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } } @Test public void test() { try { System.out.println(Arrays.toString(keys)); Algorithm algorithm = Algorithm.RSA256( RSAUtils.toRSAPublicKey(keys[0]), RSAUtils.toRSAPrivateKey(keys[1])); String token = JWT.create() .withIssuer("auth0") .withExpiresAt(Instant.now().plus(1, ChronoUnit.DAYS)) .sign(algorithm); System.out.println(token); decodedJWT(algorithm, token); } catch (Exception e){ e.printStackTrace(); } } private void decodedJWT(Algorithm algorithm, String token) { DecodedJWT decodedJWT; try { JWTVerifier verifier = JWT.require(algorithm) .withIssuer("auth0") .build(); decodedJWT = verifier.verify(token); System.out.println(decodedJWT.getPayload()); } catch (Exception e){ e.printStackTrace(); } } }