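Dependency: group: 'io.jsonwebtoken', name: 'jjwt', version: '0.9.0'
Reference link: link
Common methods
1. Jwts.builder() returns a DefaultJwtBuilder
- setHeader() has two overloads: one takes an implementation of the Header interface, the other takes a Map
- setHeaderParam() and setHeaderParams() append parameters to the header
- setPayload() assigns the payload directly, setClaims() sets a claims object; use one or the other
- compressWith() sets the compression method. When the payload is too long it can be compressed. jjwt implements two compression codecs, CompressionCodecs.GZIP and CompressionCodecs.DEFLATE
- signWith() is the signing method. Its two parameters are the signature algorithm and a custom signing key (salt). The signing key can be passed as a byte[], a String or a Key. The first two forms are stored in the builder's keyBytes attribute, the last form in the builder's key attribute. In the second case (a String key), the string is base64-decoded to obtain the byte[]
- compact() generates the token
2. JWT generation methods
- Build the token data entity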
```java
// Assemble the accessToken
tokenObject.setAId(device.getId());
tokenObject.setSignKey(loginPara.getSignKey());
tokenObject.setBase64Secret(getBase64Secret());
tokenObject.setClientId(md5);
tokenObject.setExpiresTime(tokeExpireTime+nowMillis);
tokenObject.setRole("appUser");
tokenObject.setUserName(loginPara.getUserName());
tokenObject.setName(device.getDeviceId());
```
- SignatureAlgorithm: the signature algorithm; commonly used for public keys, private keys and digital signatures
- SecretKeySpec: builds the signing key
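```java
import io.jsonwebtoken.SignatureAlgorithm;
import java.security.Key;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.DatatypeConverter;

// Specify the signature algorithm (HS256 is an HMAC, not encryption)
SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(tokenObject.getBase64Secret());
// Build the signing key
Key signingKey = new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getJcaName());
```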
- Generate the token
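```java
// jsonObject holds the payload as JSON; its string form becomes the token body
JwtBuilder builder = Jwts.builder().setHeaderParam("typ", "JWT")
        // signWith() also sets "alg" from the chosen algorithm
        .setHeaderParam("alg", "HS256")
        .setPayload(jsonObject.toString())
        .signWith(signatureAlgorithm, signingKey);
// Serialize to header.payload.signature
String token = builder.compact();
```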
- Verifying the token
```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

// Return codes: 1 = valid, 2 = expired, 0 = invalid
public static int checkToken(String jwt, HttpServletRequest httpRequest) {
    if (StringUtils.isBlank(jwt)) {
        return 0;
    }
    String[] split = jwt.split("\\.");
    if (split.length != 3) {
        return 0;
    }
    // The token, payload and signature are not logged: a logged token can be replayed until it expires.
    String s = Base64Codec.BASE64URL.decodeToString(split[1]);
    String sign = split[2];
    JSONObject jsonObject1 = JSONObject.parseObject(s);
    if (jsonObject1 == null) {
        return 0;
    }
    // getLongValue avoids a ClassCastException when the parsed number is an Integer
    long expiresSecond = jsonObject1.getLongValue("expiresSecond");
    // Check whether the token has expired (the value is still unverified at this point)
    if (System.currentTimeMillis() > expiresSecond) {
        return 2;
    }
    TokenObject o = JSONObject.toJavaObject(jsonObject1, TokenObject.class);
    if (o == null || !"APPRequst".equals(o.getProject())) {
        return 0;
    }
    // Re-sign the parsed object and compare signatures. The signing key must come from
    // server-side configuration, never from a field of the parsed (untrusted) payload.
    String s2 = createJWTByObj(o).split("\\.")[2];
    // Constant-time comparison of the two signatures
    return MessageDigest.isEqual(sign.getBytes(StandardCharsets.UTF_8),
            s2.getBytes(StandardCharsets.UTF_8)) ? 1 : 0;
}
```
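The same check done with jjwt's own parser, as an added example that is not the original post's code: the signature is verified over the received bytes with a server-held key before any claim is read. It assumes jjwt 0.9.0 on the classpath (Java 8, or a JAXB API jar on newer JDKs) and the standard `exp` claim instead of the post's `expiresSecond` field; the class name, helper methods, subject value and random key are constructed for illustration.

```java
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.security.Key;
import java.security.SecureRandom;
import java.util.Date;
import javax.crypto.spec.SecretKeySpec;

public class JwtCheckExample {   // hypothetical class name
    // Same result codes as checkToken above: 1 = valid, 2 = expired, 0 = rejected.
    static int checkToken(String jwt, Key serverKey) {
        if (jwt == null || jwt.trim().isEmpty()) return 0;
        try {
            // parseClaimsJws recomputes the HMAC with the server's key and throws
            // on mismatch, so the claims below are only read from a verified token.
            Claims claims = Jwts.parser().setSigningKey(serverKey).parseClaimsJws(jwt).getBody();
            return "APPRequst".equals(claims.get("project", String.class)) ? 1 : 0;
        } catch (ExpiredJwtException e) {
            return 2;   // "exp" claim is in the past
        } catch (JwtException | IllegalArgumentException e) {
            return 0;   // bad signature, malformed or unsupported token
        }
    }

    static String issue(Key key, String project, long ttlMillis) {
        return Jwts.builder()
                .setSubject("device-001")   // constructed sample value
                .claim("project", project)
                .setExpiration(new Date(System.currentTimeMillis() + ttlMillis))
                .signWith(SignatureAlgorithm.HS256, key)
                .compact();
    }

    static Key randomHs256Key() {   // constructed 256-bit test key
        byte[] b = new byte[32];
        new SecureRandom().nextBytes(b);
        return new SecretKeySpec(b, SignatureAlgorithm.HS256.getJcaName());
    }

    public static void main(String[] args) {
        Key server = randomHs256Key();
        System.out.println(checkToken(issue(server, "APPRequst", 60_000), server));   // valid token
        System.out.println(checkToken(issue(server, "APPRequst", -60_000), server));  // already expired
        System.out.println(checkToken(issue(randomHs256Key(), "APPRequst", 60_000), server)); // other key
    }
}
```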