JAVA结合 JSON Web Token(JWT) 工具类

 

 

引入 java-jwt-3.3.0.jar、jjwt-0.9.0.jar、jackson-all-1.7.6.jar

或者使用 Maven 依赖:

<!-- https://mvnrepository.com/artifact/com.auth0/java-jwt -->
        <!-- NOTE(review): JWTUtils.java below imports only io.jsonwebtoken and org.codehaus.jackson;
             nothing shown uses com.auth0 java-jwt, so this dependency looks optional. Confirm and
             drop it if unused to keep the dependency surface small. -->
        <dependency>
            <groupId>com.auth0</groupId>
            <artifactId>java-jwt</artifactId>
            <version>3.3.0</version>
        </dependency>

        <!-- https://mvnrepository.com/artifact/io.jsonwebtoken/jjwt -->
        <!-- NOTE(review): this is the library that signs and verifies the tokens. Check the pinned
             version against current releases and published advisories before adopting it. -->
        <dependency>
            <groupId>io.jsonwebtoken</groupId>
            <artifactId>jjwt</artifactId>
            <version>0.9.0</version>
        </dependency>


        <!-- https://mvnrepository.com/artifact/org.codehaus.jackson/jackson-mapper-asl -->
        <!-- NOTE(review): the jar list above names jackson-all-1.7.6 while this pins
             jackson-mapper-asl 1.7.0; confirm which version is intended. org.codehaus.jackson is
             the legacy Jackson 1.x line; check its maintenance status and advisories before use. -->
        <dependency>
            <groupId>org.codehaus.jackson</groupId>
            <artifactId>jackson-mapper-asl</artifactId>
            <version>1.7.0</version>
        </dependency>

 

 

 

 

JWTUtils.java
import io.jsonwebtoken.*;
import org.codehaus.jackson.map.ObjectMapper;

import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.http.HttpServletRequest;
import java.util.Date;
import java.util.LinkedHashMap;
import java.util.Map;

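/**
 * Static helpers for issuing and verifying HS256-signed JSON Web Tokens with jjwt.
 *
 * <p>Points to settle before using this sample outside a demo:
 * <ul>
 *   <li>The signing secret is a constant compiled into the class, so anyone who can read the
 *       source or the jar can forge tokens. Load it from configuration or a secret store.</li>
 *   <li>Header parameters and claims are signed, not encrypted. They are only base64url-encoded
 *       and can be read by anyone holding the token.</li>
 *   <li>Verification covers the signature, the algorithm and the expiry only. Issuer checks,
 *       revocation on logout and one-time use of the token id are left to the caller.</li>
 * </ul>
 *
 * @author yvioo
 */
public class JWTUtils {

    /**
     * Server-side secret used to sign and verify tokens.
     *
     * <p>SECURITY: hard-coded demo value. It is 15 ASCII characters (120 bits), which is below
     * the 256-bit minimum that RFC 7518 section 3.2 requires for HS256. It is kept unchanged here
     * so tokens already issued with it still verify. Replace it with a randomly generated key of
     * at least 32 bytes that is supplied from outside the source tree.
     */
    private static final String JWT_SECERT = "23asfeferfggrtg";

    /** The only signature algorithm this class issues and accepts. */
    private static final SignatureAlgorithm SIGNATURE_ALGORITHM = SignatureAlgorithm.HS256;

    private static final ObjectMapper MAPPER = new ObjectMapper();

    /**
     * Builds the HMAC key from the configured secret.
     *
     * <p>The key is labelled with the JCA name of the HMAC algorithm rather than "AES": the bytes
     * are used as a MAC key, never as a cipher key. The key bytes are unchanged, so signatures
     * stay the same.
     *
     * @return the signing and verification key, never {@code null}
     */
    public static SecretKey generalKey() {
        // A Charset constant cannot fail the way a charset name lookup can, so there is no
        // exception to swallow and no null key to hand to the signer.
        byte[] encodedKey = JWT_SECERT.getBytes(java.nio.charset.StandardCharsets.UTF_8);
        return new SecretKeySpec(encodedKey, SIGNATURE_ALGORITHM.getJcaName());
    }


    /**
     * Issues a signed JWT.
     *
     * @param id        token id ({@code jti}). Nothing in this class records used ids, so
     *                  one-time-use semantics must be enforced by the caller
     * @param iss       issuer ({@code iss})
     * @param subject   subject ({@code sub}), typically the user's login name
     * @param headerMap extra JWS header parameters, or {@code null} for none; they are readable
     *                  by anyone holding the token, so they must not carry secrets
     * @param ttlMillis lifetime in milliseconds; when it is zero or negative no expiry is set
     *                  and the token never expires
     * @return the compact token, or {@code null} if building or signing failed
     */
    public static String createJWT(String id, String iss, String subject, Map<String, Object> headerMap, long ttlMillis) {
        try {
            long nowMillis = System.currentTimeMillis();
            JwtBuilder builder = Jwts.builder()
                    .setId(id)
                    .setIssuer(iss)
                    .setSubject(subject)
                    // Time of issue.
                    .setIssuedAt(new Date(nowMillis))
                    // Signing algorithm and key.
                    .signWith(SIGNATURE_ALGORITHM, generalKey());
            if (headerMap != null) {
                builder.setHeaderParams(headerMap);
            }
            if (ttlMillis > 0) {
                builder.setExpiration(new Date(nowMillis + ttlMillis));
            }
            return builder.compact();
        } catch (Exception e) {
            // Existing contract: failures are reported as a null return. Callers must check for
            // null before sending the result to a client.
            e.printStackTrace();
        }
        return null;
    }


    /**
     * Verifies a token and returns its claims.
     *
     * @param jwt the compact token produced by {@link #createJWT}
     * @return the verified claims
     * @throws JwtException             if the token is malformed, expired, unsigned, signed with
     *                                  a different key, or declares an algorithm other than HS256
     * @throws IllegalArgumentException if {@code jwt} is null or empty
     */
    public static Claims parseJWT(String jwt) {
        return parseSigned(jwt).getBody();
    }


    /**
     * Verifies a token and returns its JWS header.
     *
     * @param jwt the compact token produced by {@link #createJWT}
     * @return the header of the verified token
     * @throws JwtException             if the token is malformed, expired, unsigned, signed with
     *                                  a different key, or declares an algorithm other than HS256
     * @throws IllegalArgumentException if {@code jwt} is null or empty
     */
    public static JwsHeader parseJwsHeader(String jwt) {
        return parseSigned(jwt).getHeader();
    }


    /**
     * Verifies the signature and then pins the algorithm to the one this class issues.
     *
     * <p>Shared by {@link #parseJWT} and {@link #parseJwsHeader} so that both apply the same
     * checks.
     */
    private static Jws<Claims> parseSigned(String jwt) {
        Jws<Claims> jws = Jwts.parser()
                .setSigningKey(generalKey())
                .parseClaimsJws(jwt);
        // Defence in depth: the parser takes the algorithm from the token's own header, so a
        // token that declares anything other than HS256 is rejected even if it verifies.
        String algorithm = jws.getHeader().getAlgorithm();
        if (!SIGNATURE_ALGORITHM.getValue().equals(algorithm)) {
            throw new UnsupportedJwtException("Unexpected JWT signature algorithm: " + algorithm);
        }
        return jws;
    }


    /**
     * Reports whether a token verifies.
     *
     * <p>A {@code true} result means only that the signature is valid, the algorithm is HS256 and
     * the token has not expired. Issuer, subject and any revocation state are not checked here.
     *
     * @param jwtStr the compact token; {@code null} or empty yields {@code false}
     * @return {@code true} if the token verifies, {@code false} on any failure
     */
    public static boolean validateJWT(String jwtStr) {
        try {
            parseJWT(jwtStr);
            return true;
        } catch (Exception e) {
            // Fail closed: expired, tampered, malformed and missing tokens are all rejected.
            return false;
        }
    }

    /**
     * Serialises a subject object to JSON for use as the {@code sub} claim.
     *
     * @param subject the object to serialise
     * @return the JSON form, or the object's string form if JSON serialisation fails
     */
    public static String generalSubject(Object subject) {
        try {
            return MAPPER.writeValueAsString(subject);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return subject + "";
    }


    /**
     * Demo: issues a one-minute token with a custom header parameter, then reads back the token
     * id and that header parameter.
     */
    public static void main(String[] args) {
        Map<String, Object> param = new LinkedHashMap<>();
        param.put("code", "1222");
        String jwtToken = JWTUtils.createJWT("1", "test-jwt", JWTUtils.generalSubject("yvioo"), param, 1 * 60 * 1000);
        System.out.println(jwtToken);
        Claims claims = parseJWT(jwtToken);
        System.out.println(claims.getId());
        JwsHeader jwsHeader = parseJwsHeader(jwtToken);
        System.out.println(jwsHeader.get("code"));

    }


    /**
     * Example of reading the token that an API client sends in a request header.
     *
     * @param request the incoming request
     */
    public void test(HttpServletRequest request) {
        // The token as sent by the client.
        // NOTE(review): the whole header value is validated as-is. If clients send the
        // "Bearer <token>" form, the scheme prefix has to be stripped first or validation
        // will always fail.
        String token = request.getHeader("Authorization");
        // Verify it. The result is discarded in this sample; a real filter or interceptor must
        // reject the request (for example with 401) when it is false.
        boolean result = JWTUtils.validateJWT(token);
    }


}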

 
