JWT的Token使用
依赖导入
<!--token持久化依赖-->
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.8.2</version>
</dependency>
基本使用
import com.auth0.jwt.JWT; import com.auth0.jwt.JWTVerifier; import com.auth0.jwt.algorithms.Algorithm; import com.auth0.jwt.interfaces.DecodedJWT; import org.apache.ibatis.javassist.scopedpool.ScopedClassPoolFactory; import org.junit.Test; import java.util.Date; import java.util.HashMap; import java.util.Map; //导入依赖java-jwt public class JwtUtil { //设置过期时间 private static final long EXPIRE_TIME = 24*60 * 1000; //控制token有效时间 //token秘钥 private static final String TOKEN_SECRET = "f26e587c28064d0e855e72c0a6a0e618"; //生成token public static String sign(String username, String permission) { String token = ""; try { //过期时间 Date date = new Date(System.currentTimeMillis() + EXPIRE_TIME); //秘钥及加密算法 Algorithm algorithm = Algorithm.HMAC256(TOKEN_SECRET); //设置头部信息 Map<String, Object> header = new HashMap<>(2); header.put("typ", "JWT"); header.put("alg", "HS256"); //携带username,password信息,生成签名 return JWT.create() .withHeader(header) .withClaim("loginName", username) .withClaim("permission", permission) .withExpiresAt(date) .sign(algorithm); } catch (Exception e) { e.printStackTrace(); return null; } } //一、判断token是否在有校期 public static boolean isJwtExpired(String token){ /** * @desc 判断token是否过期 * @author lj */ try { DecodedJWT decodeToken = JWT.decode(token); return decodeToken.getExpiresAt().before(new Date()); } catch(Exception e){ return true; } } //二、验证token,通过返回true public static boolean verify(String token){ /** * @desc 验证token,通过返回true * @params [token]需要校验的串 **/ try { Algorithm algorithm = Algorithm.HMAC256(TOKEN_SECRET); JWTVerifier verifier = JWT.require(algorithm).build(); DecodedJWT jwt = verifier.verify(token); return true; }catch (Exception e){ e.printStackTrace(); return false; } } //三、获取密码账号 public static String parseJWT(String token){ /** * @desc 解密token,返回一个map * @params [token]需要校验的串 **/ DecodedJWT decodeToken = JWT.decode(token); return decodeToken.getClaim("loginName").asString(); } }
Token测试
import org.junit.Test; public class test { //生成token // @Test public void create(){ String a= JwtUtil.sign("123456","123456"); System.out.println(a); } //判断token是否已经过期 // @Test public void jedgetime(){ boolean a=JwtUtil.isJwtExpired("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsb2dpbk5hbWUiOiIxMjM0NTYiLCJwZXJtaXNzaW9uIjoiMTIzNDU2IiwiZXhwIjoxNjUzNTM1MTIwfQ.b5_OErWkp4ghlkUNbAJxAVBsZom2T-lb6Of7hSBX1YM"); System.out.println(a); } //验证token // @Test public void jianyan(){ Boolean a=JwtUtil.verify("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsb2dpbk5hbWUiOiIxMjM0NTYiLCJwZXJtaXNzaW9uIjoiMTIzNDU2IiwiZXhwIjoxNjUzNTM1MTIwfQ.b5_OErWkp4ghlkUNbAJxAVBsZom2T-lb6Of7hSBX1YM"); System.out.println(a); } //获取token存储的账号密码 // @Test public void getname(){ String a=JwtUtil.parseJWT("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsb2dpbk5hbWUiOiIxMjM0NTYiLCJwZXJtaXNzaW9uIjoiMTIzNDU2IiwiZXhwIjoxNjUzNTM1MTIwfQ.b5_OErWkp4ghlkUNbAJxAVBsZom2T-lb6Of7hSBX1YM"); System.out.println(a); } }
浙公网安备 33010602011771号
