投稿
  1. 极客之音首页
  2. 后端开发

jwt生成token和解密token

小半 后端开发 阅读 158

导读:本篇文章讲解 jwt生成token和解密token,希望对大家有帮助,欢迎收藏,转发!站点地址:www.bmabk.com

目录

一、引入依赖

<dependency>
    <groupId>com.auth0</groupId>
    <artifactId>java-jwt</artifactId>
    <version>3.18.2</version>
</dependency>

<dependency>
    <groupId>com.fasterxml.jackson.core</groupId>
    <artifactId>jackson-core</artifactId>
    <version>2.13.2</version>
</dependency>
<dependency>
    <groupId>com.fasterxml.jackson.core</groupId>
    <artifactId>jackson-databind</artifactId>
    <version>2.13.2.2</version>
</dependency>
<dependency>
    <groupId>com.fasterxml.jackson.core</groupId>
    <artifactId>jackson-annotations</artifactId>
    <version>2.13.2</version>
</dependency>

二、工具类


import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTCreator;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.auth0.jwt.interfaces.Claim;
import com.auth0.jwt.interfaces.DecodedJWT;

import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

public class JwtUtil {
    /**
     * 生成token的秘钥
     */
    private static String TOKEN_KEY = "54j12048-1f56-45c1-a3f1-3c549bc2bb47";
    /**
     * token颁布者
     */
    private static String ISSure = "XiaoHaiTang";
    /**
     * token有效期2小时
     */
    private static int TOKEN_TIMEOUT = 2;


    /**
     * 生成token
     *
     * @param claims 要放入token中的信息
     */
    public static String create(Map<String, String> claims) {
        Map<String, Object> headerMap = new HashMap<>();
        headerMap.put("alg", "HS256");
        headerMap.put("typ", "JWT");
        Calendar c = Calendar.getInstance();
        c.add(Calendar.HOUR_OF_DAY, TOKEN_TIMEOUT);
        JWTCreator.Builder builder = JWT.create()
                .withHeader(headerMap)
                .withIssuer(ISSure)   //发布者
                .withIssuedAt(new Date())   //生成签名的时间
                .withExpiresAt(c.getTime());//token有效期
        //插入值
        for (String key : claims.keySet()) {
            builder.withClaim(key, claims.get(key));
        }
        //使用HS256加密算法生成token
        Algorithm algorithm = Algorithm.HMAC256(TOKEN_KEY);
        String token = builder.sign(algorithm);
        return token;
    }

    /**
     * 验证token是否有效
     */
    public static boolean verifierToken(String token) {
        try {
            Algorithm algorithm = Algorithm.HMAC256(TOKEN_KEY);
            JWTVerifier verifier = JWT.require(algorithm)
                    .withIssuer(ISSure) //匹配指定的token发布者 auth0
                    .build();
            DecodedJWT jwt = verifier.verify(token); //解码JWT ,verifier 可复用
            /*
            System.out.println(jwt.getToken());//打印完整token
            System.out.println(jwt.getHeader());//打印token的头部
            System.out.println(jwt.getPayload());//打印token的荷载
            System.out.println(jwt.getSignature());//打印token的签名
            System.out.println(jwt.getExpiresAt());//打印token的过期时间
            */
            return true;
        } catch (JWTVerificationException e) {
            //无效的签名/声明
            System.out.println("验证的token无效:"+ e.getMessage());
            return false;
        }
    }


    /**
     * 获取token中放入的信息
     */
    public static Map<String, Claim> getTokenInfo(String token) {
        Map<String, Claim> map = null;
        try {
            Algorithm algorithm = Algorithm.HMAC256(TOKEN_KEY);
            JWTVerifier verifier = JWT.require(algorithm)
                    .withIssuer(ISSure) //匹配指定的token发布者 auth0
                    .build();
            DecodedJWT jwt = verifier.verify(token);
            map = jwt.getClaims();
        } catch (JWTVerificationException e) {
            //无效的签名/声明
            System.out.println("验证的token无效");
            e.printStackTrace();
        }
        return map;
    }
}

三、测试


import com.auth0.jwt.interfaces.Claim;
import com.service.JwtUtil;

import java.util.HashMap;
import java.util.Map;

public class MainServer {
    public static void main(String[] args) {
        //获取token
        Map<String, String> map = new HashMap<>();
        map.put("name", "张三");
        map.put("id", "1024");
        String token = JwtUtil.create(map);
        System.out.println("生成的token:" + token);

        //token中获取信息
        Map<String, Claim> resultMap = JwtUtil.getTokenInfo(token);
        Claim name = resultMap.get("name");
        Claim id = resultMap.get("id");
        System.out.println("获取token中的name:" + name);
        System.out.println("获取token中的id:" + id);

        //验证token是否有效
        boolean isEfficient = JwtUtil.verifierToken(token);
        System.out.println("token是否有效:" + isEfficient);
    }
  }

输出:

生成的token:eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJYaWFvSGFpVGFuZyIsIm5hbWUiOiLlvKDkuIkiLCJpZCI6IjEwMjQiLCJleHAiOjE2NTA2MDg0OTYsImlhdCI6MTY1MDYwMTI5Nn0.ZwIVouqvUh9gH3o7XjntzaXHadfFLRilEazwSMixmik
获取token中的name:"张三"
获取token中的id:"1024"
token是否有效:true

参考:
使用auth0构建JWT
Token插件:Auth0和jjwt对比
SpringBoot集成JWT实现token验证

版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 举报,一经查实,本站将立刻删除。

文章由极客之音整理,本文链接:https://www.bmabk.com/index.php/post/80261.html

(0)
小半的头像小半
0 0

相关推荐

极客之音——专业性很强的中文编程技术网站,欢迎收藏到浏览器,订阅我们!