#### 导入依赖
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.1.0</version>
</dependency>
封装工具类
utils/JwtToken.java:
package com.blog.utils;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.Claim;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.blog.entity.User;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
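/**
 * Helper for issuing and verifying HS256-signed JWTs for blog users.
 *
 * <p>The tokens produced here are signed, not encrypted: the header and payload are
 * only Base64URL-encoded, so every claim is readable by whoever holds the token.
 */
public class JwtToken {
    /**
     * Shared HMAC secret used to sign and verify tokens. It must stay on the server;
     * clients never need it.
     *
     * <p>NOTE(review): the value is hard-coded in source, short and guessable, and the
     * field is public and non-final, so any code can read or reassign it. Anyone who
     * learns the secret can forge tokens for any user or role. Load a long random key
     * (at least 256 bits for HS256) from configuration or a secret store instead.
     */
    public static String SECRET = "otyblog";

    /**
     * Creates a signed token for the given user, valid for one hour from now.
     *
     * @param user the user whose id, role id, user name and password become claims
     * @return the compact serialized JWT
     * @throws Exception if the HMAC algorithm cannot be initialised or signing fails
     */
    public static String createToken(User user) throws Exception {
        // Issued-at time.
        Date iatDate = new Date();

        // Expiry: one hour from now. Calendar is abstract, so getInstance() hands back
        // a concrete calendar for the default locale/time zone.
        Calendar nowTime = Calendar.getInstance();
        nowTime.add(Calendar.HOUR, 1);
        Date expiresDate = nowTime.getTime();

        // Header: declares the signing algorithm and the token type.
        Map<String, Object> map = new HashMap<String, Object>();
        map.put("alg", "HS256");
        map.put("typ", "JWT");

        String token = JWT.create()
                .withHeader(map)
                // Payload claims.
                .withClaim("userId", user.getUserId())
                .withClaim("roleId", user.getRoleId())
                .withClaim("userName", user.getUserName())
                // NOTE(review): the payload is not encrypted, so this exposes the stored
                // password value to every holder of the token (browser storage, proxies,
                // logs). The claim is kept only because callers on this page read it;
                // drop it and identify the user by userId alone.
                .withClaim("passWord", user.getPassWord())
                .withExpiresAt(expiresDate)
                .withIssuedAt(iatDate)
                // HMAC-SHA256 signature: integrity protection, not encryption.
                .sign(Algorithm.HMAC256(SECRET));
        return token;
    }

    /**
     * Verifies the token's signature and expiry and returns its claims.
     *
     * @param token the compact serialized JWT received from the client
     * @return the claims of the verified token, keyed by claim name
     * @throws RuntimeException if verification fails for any reason; the message always
     *     reports an expired token, so inspect {@link Throwable#getCause()} to tell an
     *     expired token from a malformed one or one with a bad signature
     * @throws Exception if the HMAC algorithm cannot be initialised
     */
    public static Map<String, Claim> verifyToken(String token) throws Exception {
        JWTVerifier verifier = JWT.require(Algorithm.HMAC256(SECRET)).build();
        final DecodedJWT jwt;
        try {
            jwt = verifier.verify(token);
        } catch (Exception e) {
            // Keep the original failure as the cause: a signature mismatch (possible
            // forgery attempt) must stay distinguishable from plain expiry in logs.
            throw new RuntimeException("token已过期,请重新登录", e);
        }
        return jwt.getClaims();
    }
}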
测试
// JWT round trip: issue a token for a sample user, verify it, and print the claims.
// The password claim comes back in clear text because the payload is only
// Base64URL-encoded, not encrypted.
@Test
void testJWT() throws Exception {
    User sample = new User();
    sample.setUserId(1);
    sample.setRoleId(1);
    sample.setUserName("张三");
    sample.setPassWord("123456");

    String jwt = JwtToken.createToken(sample);
    System.out.println("token:" + jwt);

    // Verification returns the claims keyed by claim name.
    Map<String, Claim> claims = JwtToken.verifyToken(jwt);
    Claim userId = claims.get("userId");
    Claim userName = claims.get("userName");
    Claim passWord = claims.get("passWord");
    Claim roleId = claims.get("roleId");
    System.out.println(userId.asInt());
    System.out.println(userName.asString());
    System.out.println(passWord.asString());
    System.out.println(roleId.asInt());
}
输出(注意:token 的 payload 只经过 Base64URL 编码而没有加密,任何拿到 token 的人都能解码读出其中的 passWord,因此不应把密码放进 claim):
token:eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwYXNzV29yZCI6IjEyMzQ1NiIsInJvbGVJZCI6MSwidXNlck5hbWUiOiLlvKDkuIkiLCJleHAiOjE2MTczNTE4ODEsInVzZXJJZCI6MSwiaWF0IjoxNjE3MzQ4MjgxfQ.PU7SOb9jtlO1r7WHXf6aZNpApUSA_2IZtP2Pu5iBNkc
1
张三
123456
1