Article directory
1. Reproduce the error
When calling the local interface today, the console reported the following error:
io.jsonwebtoken.ExpiredJwtException: JWT expired at 2023-04-11T14:59:18+0800. Current time: 2023-04-11T15:16:30+0800
at io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:365)
at io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:458)
at io.jsonwebtoken.impl.DefaultJwtParser.parseClaimsJws(DefaultJwtParser.java:518)
at com.test.config.jwt.Jwvider.checkToken(JwtTokenProvider.java:76)
at com.test.controller.AppPageController.pageContentDetail(AppPageController.java:145)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:197)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:141)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:106)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:894)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:808)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1063)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:963)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:626)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:733)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at com.github.xiaoymin.knife4j.spring.filter.SecurityBasicAuthFilter.doFilter(SecurityBasicAuthFilter.java:87)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at com.alibaba.druid.support.http.WebStatFilter.doFilter(WebStatFilter.java:114)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:204)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:96)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at org.ssssssss.magicapi.core.config.MagicCorsFilter.doFilter(MagicCorsFilter.java:41)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:542)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
......
2. Analysis errors
There are so many error messages, we only need to pay attention to this sentence:
io.jsonwebtoken.ExpiredJwtException: JWT expired at 2023-04-11T14:59:18+0800. Current time: 2023-04-11T15:16:30+0800
This is jwt
the exception thrown, according to the error message:
jwt
The expected expiration time of is 2023-04-11 14:59:18
and the current time of the system is 2023-04-11 15:16:30
.
In other words, the system's time exceeds jwt
the set expiration time.
3. Fix bugs
Since the system time exceeds jwt
the set expiration time, we can use the following methods to solve it.
- regenerate
jwt token
In general, we will create it when we log in jwt token
, so we need to call the login interface to get the latest one jwt token
, as shown in the following figure:
Copy the above figure token
, call the written checkToken
method, and execute it successfully, as shown in the figure below:
Of course, if you get this error on the webpage, you can log out of your account and log in again.
- extended
jwt token
failure time
In our actual development, the general setting time is 2 hours, and we can modify it to 12 hours.
You can application.yml
modify it in the file, as shown in the following configuration:
# jwt配置
jwt:
tokenHeader: Authorization # JWT存储的请求头
# 令牌前缀: JWT负载中拿到开头
tokenStartWith: Bearer
#JWT加解密使用的密钥的base64编码
secret: xxxx
expiration: 43200000 #JWT的超期限时间-12小时候超时,以毫秒为单位
typ: JWT
alg: xxx
subject: xxx
Of course, you can also modify it in the code, as shown in the following code:
/**
* 创建token
*
* @return 返回jwt token
*/
public String createToken(TokenProperties tokenProperties) {
Date date = new Date(System.currentTimeMillis() + 43200000);
String token =
Jwts.builder()
.setSubject(JSON.toJSONString(tokenProperties))
.setExpiration(date)
.signWith(SignatureAlgorithm.HS512, key)
.compact();
return properties.getTokenStartWith() + SPACING + token;
}
However, in actual development, we do not recommend modifying the code, because the local environment, test environment, and online environment have jwt token
different requirements for expiration time.
Therefore, we generally application-xxx.yml
configure:
-
application-local.yml
In the local environment, you can set the expiration time to be longer, for example86400000毫秒(24小时)
, to avoid repeated logins when debugging the interface. -
application-dev.yml
test environment, the failure time can also be43200000毫秒(12小时)
-
application-prd.yml
In a formal environment, you can set the expiration time to2
hours, that is,7200000
milliseconds
4. Supplementary Notes
Just catching up with the recent ChatGPT
fire, use him to analyze the above errors, as shown in the following figure: