jjwt
<!-- NOTE(review): 0.6.0 is an old jjwt release. Before reusing this snippet, check the
     project's current release and changelog for security fixes and API changes. -->
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.6.0</version>
</dependency>
Base64 编码、解码(注意:Base64 只是编码,不是加密;任何拿到 token 的人都可以解码头部和负载,因此不要在其中存放敏感数据)
/**
 * Builds a compact HS256-signed JWT with subject "zzhua" and id "001" and prints it.
 *
 * <p>Security notes for anyone copying this sample:
 * <ul>
 *   <li>"YOUR_secret" is a placeholder literal; a real key must come from configuration or a
 *       secret store, never from source code.</li>
 *   <li>jjwt's {@code signWith(SignatureAlgorithm, String)} interprets the String as
 *       Base64-encoded key bytes, not as a raw passphrase, so the effective key is the
 *       decoded form of this text.</li>
 *   <li>No expiration claim is set, so the printed token never expires on its own.</li>
 * </ul>
 */
@Test
public void testGenJwt() {
    String token = Jwts.builder()
            .setSubject("zzhua")
            .setId("001")
            .signWith(SignatureAlgorithm.HS256, "YOUR_secret")
            .compact();
    System.out.println(token);
    // Sample output recorded by the author, one segment per line (header.payload.signature):
    // eyJhbGciOiJIUzI1NiJ9.
    // eyJzdWIiOiJ6emh1YSIsImp0aSI6IjAwMSJ9.
    // yipfa-gsDGg-5KYqeCVo_oiOnUx2D0Sp589gCUXCap8
}
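/**
 * Demonstrates that a JWT payload segment is only Base64URL-encoded, not encrypted:
 * decoding the segment yields the JSON claims, and re-encoding that JSON reproduces the segment.
 *
 * <p>Consequence: anyone holding a token can read its header and payload. Only the signature
 * protects integrity, so secrets must never be placed in claims.
 *
 * @throws IOException never thrown by this implementation; retained so the method signature
 *         stays the same as before
 */
@Test
public void testParseToken() throws IOException {
    // JWT segments use the URL-safe Base64 alphabet without padding. java.util.Base64 provides
    // that codec; the JDK-internal sun.misc.BASE64Decoder/BASE64Encoder used previously are
    // unavailable on newer JDKs and implement the standard alphabet instead.
    byte[] payloadBytes =
            java.util.Base64.getUrlDecoder().decode("eyJzdWIiOiJ6emh1YSIsImp0aSI6IjAwMSJ9");
    // Decode with an explicit charset instead of the platform default.
    String data = new String(payloadBytes, java.nio.charset.StandardCharsets.UTF_8);
    System.out.println(data); // decoded result: {"sub":"zzhua","jti":"001"}

    // Encode the same JSON back to a JWT-style segment (URL-safe, no '=' padding).
    String encode = java.util.Base64.getUrlEncoder().withoutPadding().encodeToString(
            "{\"sub\":\"zzhua\",\"jti\":\"001\"}".getBytes(java.nio.charset.StandardCharsets.UTF_8));
    System.out.println(encode); // identical to the segment above: eyJzdWIiOiJ6emh1YSIsImp0aSI6IjAwMSJ9
}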
用法
//生成token
/**
 * Demo: creates an HS256-signed JWT with id "888", subject "小白" and an issued-at timestamp,
 * then prints the compact token.
 *
 * <p>Security notes: the key "itcast" is a hard-coded demo value. jjwt reads the String
 * argument of {@code signWith} as Base64-encoded key bytes, so the effective key here is only
 * a few bytes long, far below the 256 bits expected for HS256. The token also carries no
 * expiration claim. Treat this as an API illustration, not as a template for production keys.
 */
public class CreateJwtTest {
    public static void main(String[] args) {
        String compactToken = Jwts.builder()
                .setId("888")
                .setSubject("小白")
                .setIssuedAt(new Date())
                .signWith(SignatureAlgorithm.HS256, "itcast")
                .compact();
        System.out.println(compactToken);
    }
}
// 解析token
/**
 * Demo: parses a previously issued token with the same demo key and prints three of its claims.
 *
 * <p>{@code parseClaimsJws} validates the signature against the configured key and throws if
 * the token was altered or signed with a different key, so the claims printed below come from
 * a verified token. The key "itcast" is a hard-coded demo value and is read by jjwt as
 * Base64-encoded key bytes.
 */
public class ParseJwtTest {
    public static void main(String[] args) {
        // Sample token produced earlier with the same key; split across two literals for width.
        final String token = "eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI4ODgiLCJzdWIiOiLlsI_nmb0iLCJpYXQiO"
                + "jE1MjM0MTM0NTh9.gq0J-cOM_qCNqU_s-d_IrRytaNenesPmqAIhQpYXHZk";

        // Signature verification happens inside parseClaimsJws; getBody() exposes the payload.
        Claims verifiedBody = Jwts.parser()
                .setSigningKey("itcast")
                .parseClaimsJws(token)
                .getBody();

        System.out.println("id:" + verifiedBody.getId());
        System.out.println("subject:" + verifiedBody.getSubject());
        System.out.println("IssuedAt:" + verifiedBody.getIssuedAt());
    }
}
// 自定义claims数据
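/**
 * Demo: creates an HS256-signed JWT that expires after one minute and carries two custom
 * claims ("roles" and "logo"), then prints the compact token.
 *
 * <p>Security notes: custom claims are only Base64URL-encoded, so anyone holding the token can
 * read them. A consumer must verify the signature before acting on "roles". The key "itcast"
 * is a hard-coded demo value that jjwt reads as Base64-encoded key bytes; it is far too short
 * for real use with HS256.
 */
public class CreateJwtTest3 {
    public static void main(String[] args) {
        // Short lifetime chosen to make expiry easy to test: one minute from now.
        long now = System.currentTimeMillis();
        long exp = now + 1000 * 60;

        // The stray "new HashMap<String,Object>()" expression from the listing is dropped:
        // it had no terminator, was never used, and prevented the class from compiling.
        // Issued-at and expiration are both derived from the same instant.
        JwtBuilder builder = Jwts.builder().setId("888")
                .setSubject("小白")
                .setIssuedAt(new Date(now))
                .setExpiration(new Date(exp))
                .claim("roles", "admin") // custom claim
                .claim("logo", "logo.png") // custom claim
                .signWith(SignatureAlgorithm.HS256, "itcast");
        System.out.println(builder.compact());
    }
}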
java-jwt
引入依赖
<!-- NOTE(review): 3.4.0 is an old java-jwt release. Before reusing this snippet, check the
     project's current release and changelog for security fixes and API changes. -->
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.4.0</version>
</dependency>
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTDecodeException;
import com.auth0.jwt.interfaces.DecodedJWT;
import java.util.Arrays;
import java.util.Date;
import java.util.List;
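/**
 * Static helpers for issuing and checking HS256 JWTs with the auth0 java-jwt library.
 *
 * <p>Security model:
 * <ul>
 *   <li>{@link #verify} is the only method here that checks the token's signature.</li>
 *   <li>{@link #getUsername}, {@link #getPrincipal} and {@link #getRoles} use
 *       {@code JWT.decode}, which parses the token WITHOUT verifying its signature. Their
 *       results are attacker-controllable until {@link #verify} has returned {@code true} for
 *       the same token. Never make an authorization decision (for example on roles) from
 *       these values alone.</li>
 * </ul>
 */
public class JWTUtil {
    /**
     * Token lifetime: 3 hours, in milliseconds.
     */
    private static final long EXPIRE_TIME = 3 * 60 * 60 * 1000;

    /**
     * Verifies the token's HS256 signature and that its "username" claim equals the expected
     * user name.
     *
     * <p>The verifier is built for HMAC256 only and checks the expiry claim when the token
     * carries one. NOTE(review): a correctly signed token without an expiry claim appears to
     * be accepted by this configuration. Confirm that this is acceptable for the application.
     *
     * @param token    the compact JWT to check
     * @param username the user name the token must have been issued for
     * @param secret   the HMAC key; the original tutorial passes the user's password here
     * @return {@code true} only if verification succeeds; {@code false} on any failure
     */
    public static boolean verify(String token, String username, String secret) {
        try {
            Algorithm algorithm = Algorithm.HMAC256(secret);
            JWTVerifier verifier = JWT.require(algorithm)
                    .withClaim("username", username)
                    .build();
            // Only the outcome matters; the decoded token is not needed here.
            verifier.verify(token);
            return true;
        } catch (Exception exception) {
            // Fail closed: any verification or argument error means "not valid".
            return false;
        }
    }

    /**
     * Reads the "username" claim WITHOUT verifying the signature.
     *
     * <p>Typically used to find the user whose secret is then passed to {@link #verify}.
     * Treat the returned value as untrusted input until that verification has succeeded.
     *
     * @param token the compact JWT
     * @return the user name in the token, or {@code null} if the token is null or undecodable
     */
    public static String getUsername(String token) {
        DecodedJWT jwt = decodeOrNull(token);
        return jwt == null ? null : jwt.getClaim("username").asString();
    }

    /**
     * Builds a {@code Principal} from the "userId", "username" and "roles" claims WITHOUT
     * verifying the signature.
     *
     * <p>Call {@link #verify} on the same token first. Otherwise the user id and roles
     * returned here may have been chosen by whoever crafted the token.
     *
     * @param token the compact JWT
     * @return the principal described by the token, or {@code null} if the token is null or
     *         cannot be decoded
     */
    public static Principal getPrincipal(String token) {
        DecodedJWT jwt = decodeOrNull(token);
        if (jwt == null) {
            return null;
        }
        Principal principal = new Principal();
        principal.setUserId(jwt.getClaim("userId").asString());
        principal.setUserName(jwt.getClaim("username").asString());
        String[] roleArr = jwt.getClaim("roles").asArray(String.class);
        // Roles are left unset when the claim is absent.
        if (roleArr != null) {
            principal.setRoles(Arrays.asList(roleArr));
        }
        return principal;
    }

    /**
     * Reads the "roles" claim WITHOUT verifying the signature.
     *
     * <p>Do not use the result for access control unless {@link #verify} has already
     * succeeded for the same token.
     *
     * @param token the compact JWT
     * @return the roles in the token, or {@code null} if the token is null or cannot be decoded
     */
    public static String[] getRoles(String token) {
        DecodedJWT jwt = decodeOrNull(token);
        return jwt == null ? null : jwt.getClaim("roles").asArray(String.class);
    }

    /**
     * Issues an HS256-signed token carrying the user id, user name and roles, expiring
     * {@link #EXPIRE_TIME} milliseconds from now.
     *
     * <p>Security note: the key is only as strong as {@code secret}. When a user password is
     * used, as in the original tutorial, a low-entropy password makes the signature guessable
     * offline by anyone who holds a token. A random server-side key of at least 256 bits is
     * the safer choice. Claims are readable by any token holder, so do not add sensitive data.
     *
     * @param username the user name
     * @param userId   the user id
     * @param roles    the user's roles; {@code null} is treated as no roles
     * @param secret   the HMAC key; the original tutorial passes the user's password here
     * @return the signed compact JWT
     */
    public static String sign(String username, String userId, List<String> roles, String secret) {
        Date expiresAt = new Date(System.currentTimeMillis() + EXPIRE_TIME);
        Algorithm algorithm = Algorithm.HMAC256(secret);
        // A null role list is treated as empty instead of failing with a NullPointerException.
        String[] roleArr = roles == null ? new String[0] : roles.toArray(new String[0]);
        return JWT.create()
                .withClaim("userId", userId)
                .withClaim("username", username)
                .withArrayClaim("roles", roleArr)
                .withExpiresAt(expiresAt)
                .sign(algorithm);
    }

    /**
     * Decodes a token without verifying it, mapping a null or malformed token to {@code null}.
     */
    private static DecodedJWT decodeOrNull(String token) {
        if (token == null) {
            return null;
        }
        try {
            return JWT.decode(token);
        } catch (JWTDecodeException e) {
            return null;
        }
    }
}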