Previous version: http://blog.csdn.net/h996666/article/details/78207031
Don't say it, just paste the code
package com.life.app.token; import java.util.Date; import java.util.HashMap; import java.util.Map; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; import org.apache.commons.lang3.StringUtils; import org.bouncycastle.util.encoders.Base64; import io.jsonwebtoken.ExpiredJwtException; import io.jsonwebtoken.JwtBuilder; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; /** * Json web token issuance * */ public class JWT { // key key private static final String SECRET_KEY = "xxxxxxx"; /** * Construct the key * * @return */ private static SecretKey generalKey() { byte[] encodeKey = Base64.decode(SECRET_KEY); return new SecretKeySpec(encodeKey, 0, encodeKey.length, "AES"); } /** * Issue JWT * * @param jti The unique identity of JWT, mainly used as a one-time token (allowing to be empty) * @param sub JWT to which user (empty allowed) * @param expiredTimeAt expiration time (current time ms + expired time ms), unit ms (allow to be empty) * @param claims payload information * @return */ public static String createJWT(String jti, String sub, long expiredTimeAt, Map<String, Object> claims) { // get the key SecretKey secretKey = generalKey(); // Build the JWT, and set the issuance time and signature algorithm JwtBuilder builder = Jwts.builder() .setIssuedAt (new Date ()) .signWith(SignatureAlgorithm.HS256, secretKey); // check jti if (! StringUtils.isBlank (jti)) { builder.setId (jti); } // check sub if(!StringUtils.isBlank(sub)) { builder.setSubject(sub); } // Expiration if (expiredTimeAt > 0) { Date expDate = new Date(expiredTimeAt); builder.setExpiration(expDate); } // check if (claims != null) { // save related information for (Map.Entry<String, Object> en : claims.entrySet()) { builder.claim(en.getKey(), en.getValue()); } } return builder.compact(); } /** * * Parse the JWT string * * @param jwt * @return claims, including announcement claims, custom claims * @throws ExpiredJwtException, SignatureException, Exception token has expired, signature verification failed, other errors */ public static Map<String, Object> parseJWT(String jwt) { SecretKey secretKey = generalKey(); try { Map<String, Object> claims = Jwts.parser() .setSigningKey(secretKey) .parseClaimsJws(jwt) .getBody(); return claims; } catch (Exception e) { e.printStackTrace (); return null; } } public static void main(String[] args) { Map<String, Object> map = new HashMap<String, Object>(); map.put("userId", 10000); String jwt = createJWT("", "", System.currentTimeMillis() + 30*60*1000, map); System.out.println(jwt); /** * Previously, parseJWT(jwt) returned the Claims object, * Claims implements the Map interface, which is actually the encapsulation of the Map, so it can directly return the Map */ Map<String, Object> claims = parseJWT(jwt); System.out.println(claims.get("userId")); System.out.println(claims.get("iat")); System.out.println(claims.get("exp")); } }