jjwt&java-jwt

jjwt

<!-- NOTE(review): jjwt 0.6.0 is an old release; check the current jjwt version and its
     published security advisories before copying this coordinate into a build. -->
<dependency>
    <groupId>io.jsonwebtoken</groupId>
    <artifactId>jjwt</artifactId>
    <version>0.6.0</version>
</dependency>

Base64 编码、解码(Base64 只是编码,不是加密:任何拿到 token 的人都能解码头部和负载)

/**
 * Builds a compact HS256-signed JWT with a fixed subject and id, then prints it.
 *
 * <p>The first two segments of the printed token are only Base64URL-encoded JSON, so anyone
 * holding the token can read them. Only the third segment (the HMAC) depends on the key.
 */
@Test
public void testGenJwt() {
    // Demo key only: a real HS256 key should be at least 256 bits of random data loaded from
    // configuration or a secret store, never a literal in source.
    // NOTE(review): jjwt documents the String overload of signWith as taking a Base64-encoded
    // key, so this literal is decoded rather than used as raw text. Confirm against the jjwt
    // version in use.
    String compactToken = Jwts.builder()
            .setSubject("zzhua")
            .setId("001")
            .signWith(SignatureAlgorithm.HS256, "YOUR_secret")
            .compact();
    System.out.println(compactToken);
    // Sample output (header.payload.signature):
    // eyJhbGciOiJIUzI1NiJ9.
    // eyJzdWIiOiJ6emh1YSIsImp0aSI6IjAwMSJ9.
    // yipfa-gsDGg-5KYqeCVo_oiOnUx2D0Sp589gCUXCap8
}

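/**
 * Demonstrates that a JWT payload segment is Base64URL-encoded text, not ciphertext.
 *
 * <p>Decoding needs no key, so claims must never carry secrets, and decoded claims must not be
 * trusted until the token's signature has been verified.
 *
 * @throws IOException kept for signature compatibility; the java.util.Base64 calls used here
 *     do not throw it
 */
@Test
public void testParseToken() throws IOException {
    // JWT segments use the URL-safe Base64 alphabet without padding. The JDK's java.util.Base64
    // replaces the internal sun.misc.BASE64Decoder/BASE64Encoder classes, which are not part
    // of the supported API and are absent from current JDKs.
    java.util.Base64.Decoder decoder = java.util.Base64.getUrlDecoder();
    String data = new String(
            decoder.decode("eyJzdWIiOiJ6emh1YSIsImp0aSI6IjAwMSJ9"),
            java.nio.charset.StandardCharsets.UTF_8);
    System.out.println(data); // decoded payload: {"sub":"zzhua","jti":"001"}

    // Encoding the same JSON reproduces the payload segment exactly, again without any key.
    java.util.Base64.Encoder encoder = java.util.Base64.getUrlEncoder().withoutPadding();
    String encode = encoder.encodeToString(
            "{\"sub\":\"zzhua\",\"jti\":\"001\"}".getBytes(java.nio.charset.StandardCharsets.UTF_8));
    System.out.println(encode); // matches the segment above: eyJzdWIiOiJ6emh1YSIsImp0aSI6IjAwMSJ9
}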

用法

//生成token
/**
 * Minimal jjwt example: issues an HS256 token with an id, a subject and an issued-at time,
 * then prints the compact form.
 */
public class CreateJwtTest {

    public static void main(String[] args) {
        // No expiration is set here, so the resulting token stays valid for as long as the key
        // is in use. "itcast" is a tutorial key; it is far too short and guessable for HS256.
        // NOTE(review): jjwt documents the String overload of signWith as taking a
        // Base64-encoded key. Confirm against the jjwt version in use.
        String compactJwt = Jwts.builder()
                .setId("888")
                .setSubject("小白")
                .setIssuedAt(new Date())
                .signWith(SignatureAlgorithm.HS256, "itcast")
                .compact();
        System.out.println( compactJwt );
    }
}

// 解析token
/**
 * Minimal jjwt example: verifies a hard-coded HS256 token with the shared key and prints three
 * of its registered claims.
 */
public class ParseJwtTest {

    public static void main(String[] args) {
        // Sample token issued with the key "itcast". Its payload decodes to a jti, sub and iat
        // claim with no exp claim, so nothing in the token itself limits its lifetime.
        String token="eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI4ODgiLCJzdWIiOiLlsI_nmb0iLCJpYXQiO"+
            "jE1MjM0MTM0NTh9.gq0J-cOM_qCNqU_s-d_IrRytaNenesPmqAIhQpYXHZk";

        // parseClaimsJws verifies the signature before returning the body and throws when
        // verification fails, so the claims printed below come from a token that this key
        // actually signed.
        Claims verifiedClaims = Jwts.parser()
                .setSigningKey("itcast")
                .parseClaimsJws(token)
                .getBody();

        String idLine = "id:"+verifiedClaims.getId();
        String subjectLine = "subject:"+verifiedClaims.getSubject();
        String issuedAtLine = "IssuedAt:"+verifiedClaims.getIssuedAt();
        System.out.println(idLine);
        System.out.println(subjectLine);
        System.out.println(issuedAtLine);
    }
}

// 自定义claims数据
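/**
 * jjwt example that adds an expiration time and custom claims to the token.
 *
 * <p>Custom claims such as {@code roles} are readable by anyone who holds the token, and a
 * consumer should act on them only after verifying the signature.
 */
public class CreateJwtTest3 {

    public static void main(String[] args) {
        // A one-minute lifetime keeps the example easy to test; iat and exp are derived from
        // the same clock reading so the two claims are exactly one minute apart.
        long now = System.currentTimeMillis();
        long exp = now + 1000*60;
        // The original listing had a stray "new HashMap<String,Object>()" expression here
        // with no terminating semicolon; it did not compile and its value was never used.
        JwtBuilder builder= Jwts.builder().setId("888")
            .setSubject("小白")
            .setIssuedAt(new Date(now))
            .setExpiration(new Date(exp))
            .claim("roles","admin") // custom claim carrying application data
            .claim("logo","logo.png")
            // "itcast" is a tutorial key; a real HS256 key should be long, random and kept
            // outside the source tree.
            .signWith(SignatureAlgorithm.HS256,"itcast");
        System.out.println( builder.compact() );
    }
}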

java-jwt

引入依赖

<!-- NOTE(review): java-jwt 3.4.0 is an old release; check the current java-jwt version and its
     published security advisories before copying this coordinate into a build. -->
<dependency>
    <groupId>com.auth0</groupId>
    <artifactId>java-jwt</artifactId>
    <version>3.4.0</version>
</dependency>
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTDecodeException;
import com.auth0.jwt.interfaces.DecodedJWT;

import java.util.Arrays;
import java.util.Date;
import java.util.List;

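/**
 * Static helpers for issuing and checking HS256 JWTs with the auth0 java-jwt library.
 *
 * <p>Only {@link #verify} checks the signature. {@link #getUsername}, {@link #getPrincipal} and
 * {@link #getRoles} call {@code JWT.decode}, which parses a token without verifying it. Their
 * results are therefore caller-supplied data and must not drive authentication or
 * authorization unless {@code verify} has already accepted the same token.
 */
public class JWTUtil {

    /** Token lifetime: 3 hours, in milliseconds. */
    private static final long EXPIRE_TIME = 3 * 60 * 60 * 1000;

    /**
     * Checks that the token is signed with the given secret and bound to the given username.
     *
     * <p>The verifier is built for HMAC-SHA256 only and requires the {@code username} claim to
     * equal {@code username}. The library's verifier also rejects a token whose {@code exp}
     * claim has passed.
     *
     * @param token    the compact JWT to check
     * @param username the username the token must carry in its {@code username} claim
     * @param secret   the HMAC secret. The original documentation describes it as the user's
     *                 password. NOTE(review): a password is low-entropy key material for
     *                 HS256; consider a random server-side key instead.
     * @return {@code true} if verification succeeds, {@code false} on any failure
     */
    public static boolean verify(String token, String username, String secret) {
        try {
            Algorithm algorithm = Algorithm.HMAC256(secret);
            JWTVerifier verifier = JWT.require(algorithm)
                    .withClaim("username", username)
                    .build();
            // The decoded result is not needed; verify() throws when the token is rejected.
            verifier.verify(token);
            return true;
        } catch (Exception exception) {
            // Fail closed: a bad signature, an expired token, a malformed token or a null
            // argument all count as "not verified".
            return false;
        }
    }

    /**
     * Reads the {@code username} claim WITHOUT verifying the signature.
     *
     * @param token the compact JWT; may be {@code null}
     * @return the username claim, or {@code null} if the token is {@code null}, cannot be
     *     decoded, or has no such claim
     */
    public static String getUsername(String token) {
        if (token == null) {
            return null;
        }
        try {
            DecodedJWT jwt = JWT.decode(token);
            return jwt.getClaim("username").asString();
        } catch (JWTDecodeException e) {
            return null;
        }
    }

    /**
     * Builds a {@code Principal} from the token's claims WITHOUT verifying the signature.
     *
     * <p>The user id, username and roles are copied straight from the token, so call
     * {@link #verify} on the same token before trusting the returned roles.
     *
     * @param token the compact JWT; may be {@code null}
     * @return the principal described by the claims, or {@code null} if the token is
     *     {@code null} or cannot be decoded
     */
    public static Principal getPrincipal(String token) {
        if (token == null) {
            return null;
        }
        try {
            DecodedJWT jwt = JWT.decode(token);
            Principal principal = new Principal();
            principal.setUserId(jwt.getClaim("userId").asString());
            principal.setUserName(jwt.getClaim("username").asString());
            String[] roleArr = jwt.getClaim("roles").asArray(String.class);
            // Roles are left unset when the claim is missing.
            if (roleArr != null) {
                principal.setRoles(Arrays.asList(roleArr));
            }
            return principal;
        } catch (JWTDecodeException e) {
            return null;
        }
    }

    /**
     * Reads the {@code roles} claim WITHOUT verifying the signature.
     *
     * @param token the compact JWT; may be {@code null}
     * @return the roles array, or {@code null} if the token is {@code null}, cannot be
     *     decoded, or has no such claim
     */
    public static String[] getRoles(String token) {
        if (token == null) {
            return null;
        }
        try {
            DecodedJWT jwt = JWT.decode(token);
            return jwt.getClaim("roles").asArray(String.class);
        } catch (JWTDecodeException e) {
            return null;
        }
    }

    /**
     * Issues an HS256 token carrying the user id, username and roles, expiring after
     * {@link #EXPIRE_TIME}.
     *
     * <p>The claims are encoded, not encrypted, so they are readable by anyone holding the
     * token.
     *
     * @param username the value for the {@code username} claim
     * @param userId   the value for the {@code userId} claim
     * @param roles    the values for the {@code roles} claim; {@code null} is treated as no roles
     * @param secret   the HMAC secret. The original documentation describes it as the user's
     *                 password. NOTE(review): prefer a random server-side key of at least
     *                 256 bits.
     * @return the signed compact JWT
     */
    public static String sign(String username, String userId, List<String> roles, String secret) {
        Date expiresAt = new Date(System.currentTimeMillis() + EXPIRE_TIME);
        Algorithm algorithm = Algorithm.HMAC256(secret);
        // A missing role list yields an empty roles claim rather than a NullPointerException.
        String[] roleArr = roles == null ? new String[0] : roles.toArray(new String[0]);
        return JWT.create()
                .withClaim("userId", userId)
                .withClaim("username", username)
                .withArrayClaim("roles", roleArr)
                .withExpiresAt(expiresAt)
                .sign(algorithm);
    }
}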


转载自blog.csdn.net/qq_16992475/article/details/121092742