JSON Web Tokens - jwt.io
https://jwt.io/
依赖
FusionAuth/fusionauth-jwt: A simple to use Java 8 JWT Library. Verify, Sign, Encode, Decode all day.
https://github.com/fusionauth/fusionauth-jwt
<dependency>
<groupId>io.fusionauth</groupId>
<artifactId>fusionauth-jwt</artifactId>
<version>3.0.0</version>
</dependency>
hello-world
/**
* 1. 安装openssl
* 2. 命令生成公钥(yue), 私钥
* openssl genrsa -out rsa_private_key.pem 2048
* openssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
*/
// ==============生成token==================
// 构建RSA signer 使用 SHA-256 hash
File pri = new File(this.getClass().getClassLoader().getResource("rsa_private_key.pem").getPath());
byte[] bFile = Files.readAllBytes(pri.toPath());
Signer signer = RSASigner.newSHA256Signer(new String(bFile));
// 构建 JWT with an issuer(iss), issued at(iat), subject(sub) and expiration(exp)
JWT jwt = new JWT().setIssuer("www.acme.com")
.setIssuedAt(ZonedDateTime.now(ZoneOffset.UTC))
.setSubject("f1e33ab3-027f-47c5-bb07-8dd8ab37a2d3")
.setExpiration(ZonedDateTime.now(ZoneOffset.UTC).plusMinutes(60));
// Sign and encode the JWT to a JSON string representation
String encodedJWT = JWT.getEncoder().encode(jwt, signer);
System.out.println(encodedJWT);
// ==============解析token==================
// Build an RSA signer using a SHA-256 hash
File pub= new File(this.getClass().getClassLoader().getResource("rsa_private_key.pem").getPath());
Verifier verifier = RSAVerifier.newVerifier(pub.toPath());
// Verify and decode the encoded string JWT to a rich object
JWT jwt2 = JWT.getDecoder().decode(encodedJWT, verifier);
// Assert the subject of the JWT is as expected
System.out.println(jwt2.subject);