jwt基本实现
前言
参考:https://www.bilibili.com/video/BV1i54y1m7cP?p=5&vd_source=aa4e16557c3a6622877c08d8d7a0a57f
https://www.cnblogs.com/langkyeSir/p/14062473.html#%E4%BA%8Cjwt%E5%8F%AF%E4%BB%A5%E5%81%9A%E4%BB%80%E4%B9%88
pom依赖
<dependency> <groupId>com.auth0</groupId> <artifactId>java-jwt</artifactId> <version>3.4.0</version> </dependency>
或
<!-- 引入jwt -->
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.10.3</version>
</dependency>
异常类型:
- SignatureVerificationException: 签名不一致异常
- TokenExpiredException: 令牌过期异常
- AlgorithmMismatchException: 算法不匹配异常
- InvalidClaimException: 失效的payload异常
一、基本实现
package com.example.baidu; import com.auth0.jwt.JWT; import com.auth0.jwt.algorithms.Algorithm; import com.auth0.jwt.interfaces.DecodedJWT; import com.auth0.jwt.interfaces.JWTVerifier; import org.junit.Test; import sun.misc.BASE64Encoder; import java.security.Key; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.NoSuchAlgorithmException; import java.util.Calendar; /** * jwt 基本实现 */ public class JwtBaseImpl { @Test public void testSign() { Calendar instance = Calendar.getInstance(); instance.add(Calendar.SECOND, 90); //生成令牌 String token = JWT.create() // 省略.withHeader()默认内容 .withClaim("username", "张三")//设置自定义用户名 .withExpiresAt(instance.getTime())//设置过期时间 .sign(Algorithm.HMAC256("token!Q2W#E$RW"));//设置签名 保密 复杂 //输出令牌 System.out.println(token); } @Test public void testCheckSign() { String token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2NTc5NjYwMTQsInVzZXJuYW1lIjoi5byg5LiJIn0.7DhlRdld9tXAeTa2lGwS-_vRT5PNBbEnLfPkGQ3_W60"; JWTVerifier jwtVerifier = JWT.require(Algorithm.HMAC256("token!Q2W#E$RW")).build(); DecodedJWT decodedJWT = jwtVerifier.verify(token); // 设置的用户名类型是string取值的时候也要asString System.out.println("用户名: " + decodedJWT.getClaim("username").asString()); System.out.println("过期时间: "+decodedJWT.getExpiresAt()); } }
二、抽取工具类
package com.example.baidu.jwt.utils; import com.auth0.jwt.JWT; import com.auth0.jwt.JWTCreator; import com.auth0.jwt.algorithms.Algorithm; import com.auth0.jwt.interfaces.DecodedJWT; import java.util.Calendar; import java.util.Map; public class JWTUtils { private static String TOKEN = "token!Q@W3e4r"; /** * 生成token * @param map //传入payload * @return 返回token */ public static String getToken(Map<String,String> map){ JWTCreator.Builder builder = JWT.create(); map.forEach((k,v)->{ builder.withClaim(k,v); }); Calendar instance = Calendar.getInstance(); instance.add(Calendar.SECOND,7); builder.withExpiresAt(instance.getTime()); return builder.sign(Algorithm.HMAC256(TOKEN)).toString(); } /** * 验证token * @param token * @return */ public static void verify(String token){ JWT.require(Algorithm.HMAC256(TOKEN)).build().verify(token); } /** * 获取token中payload * @param token * @return */ public static DecodedJWT getToken(String token){ return JWT.require(Algorithm.HMAC256(TOKEN)).build().verify(token); } }