jwt 整理
com.auth0
>java-jwt
3.4.0
com.alibaba
fastjson
1.2.78
@Slf4j
public class JwtUtil {
//过期时间 30min
private static int EXPIRE_TIME;
//私钥
private static String TOKEN_SECRET;
private static String USER_NAME;
static {
ResourceBundle bundle = ResourceBundle.getBundle("jwt");
EXPIRE_TIME =Integer.parseInt( bundle.getString("EXPIRE_TIME"));
TOKEN_SECRET = bundle.getString("TOKEN_SECRET");
USER_NAME = bundle.getString("USER_NAME");
}
public static String createToken(User user) {
Calendar nowTime = Calendar.getInstance();
nowTime.add(Calendar.MINUTE, EXPIRE_TIME);
Date expiresDate = nowTime.getTime();
String userJson = JSON.toJSONString(user);
return JWT.create().withAudience(user.getId()+"") //签发对象
.withIssuedAt(new Date()) //发行时间
.withExpiresAt(expiresDate) //有效时间
.withClaim(USER_NAME,userJson) //载荷,随便写几个都可以
.sign(Algorithm.HMAC256(user.getId()+TOKEN_SECRET)); //加密
}
public static void verifyToken(String token, String secret) {
try {
JWTVerifier verifier = JWT.require(Algorithm.HMAC256(secret+TOKEN_SECRET)).build();
verifier.verify(token);
} catch (Exception e) {
//效验失败
//自定义的一个异常
}
}
public static User getAudience(String token) {
User user = null;
try {
String tokenJson = JWT.decode(token).getClaim(USER_NAME).asString();
user = JSON.parseObject(tokenJson,User.class);
} catch (JWTDecodeException j) {
//这里是token解析失败
log.error(j.getMessage(),j);
return null;
}
return user;
}
public static void main(String[] args) {
User user = new User();
user.setId(1);
user.setName("王五");
String token = createToken(user);
System.out.println(token);
System.out.println(getAudience(token));
}
}
# 失效时间
EXPIRE_TIME = 30
# 秘钥
TOKEN_SECRET = "privateKey"
# 加密方式
USER_NAME = "name
配置文件的使用
static {
//配置文件名称
ResourceBundle bundle = ResourceBundle.getBundle("jwt");
//配置文件里面相应的内容 可以直接通过改配置文件 修改秘钥等等
EXPIRE_TIME =Integer.parseInt( bundle.getString("EXPIRE_TIME"));
TOKEN_SECRET = bundle.getString("TOKEN_SECRET");
USER_NAME = bundle.getString("USER_NAME");
}
第二种配置方式 直接在spring容器里面配置
@Slf4j
@Component
public class JwtUtil {
//第一种
//过期时间 30min
private static int EXPIRE_TIME;
//私钥
private static String TOKEN_SECRET;
private static String USER_NAME;
//第二种配置方式 直接在yml里面配置变量
//过期时间 30min
@Value("${jwt.expireTime}")
private static int expireTime;
//私钥
@Value("${jwt.tokenSecret}")
private static String tokenSecret;
static {
ResourceBundle bundle = ResourceBundle.getBundle("jwt");
EXPIRE_TIME =Integer.parseInt( bundle.getString("EXPIRE_TIME"));
TOKEN_SECRET = bundle.getString("TOKEN_SECRET");
USER_NAME = bundle.getString("USER_NAME");
}
public static String createToken(User user) {
Calendar nowTime = Calendar.getInstance();
nowTime.add(Calendar.MINUTE, expireTime);
Date expiresDate = nowTime.getTime();
String userJson = JSON.toJSONString(user);
return JWT.create().withAudience(user.getId()+"") //签发对象
.withIssuedAt(new Date()) //发行时间
.withExpiresAt(expiresDate) //有效时间
.withClaim(USER_NAME,userJson) //载荷,随便写几个都可以
.sign(Algorithm.HMAC256(user.getId()+tokenSecret)); //加密
}
public static void verifyToken(String token, String secret) {
try {
JWTVerifier verifier = JWT.require(Algorithm.HMAC256(secret+tokenSecret)).build();
verifier.verify(token);
} catch (Exception e) {
//效验失败
//自定义的一个异常
}
}
public static User getAudience(String token) {
User user = null;
try {
String tokenJson = JWT.decode(token).getClaim(USER_NAME).asString();
user = JSON.parseObject(tokenJson,User.class);
} catch (JWTDecodeException j) {
//这里是token解析失败
log.error(j.getMessage(),j);
return null;
}
return user;
}
public static void main(String[] args) {
User user = new User();
user.setId(1);
user.setName("王五");
String token = createToken(user);
System.out.println(token);
System.out.println(getAudience(token));
}
}
然后在配置文件里面加
# jwt自定义配置
jwt:
expireTime: 30
tokenSecret: qcbcyKey
