JWT和SSM拦截器验证token


import java.io.UnsupportedEncodingException;
import java.util.*;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTCreator;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.Claim;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.yundong.platform.common.Const;

public class JwtUtil {
    private static String ISSUER = "sys_user";
    /**
     * 生成token 默认有效期是7天
     *
     * @param claims
     * @return
     */
    public static String genToken(Map claims) {

        try {
            //使用HMAC256进行加密
            Algorithm algorithm = Algorithm.HMAC256(Const.TOKENSALT);
            Date date = new Date(); //取时间
            Calendar calendar = new GregorianCalendar();
            calendar.setTime(date);
            calendar.add(calendar.DATE, 7); //把日期往后增加一天,整数  往后推,负数往前移动
            Date expireDatePoint = calendar.getTime(); //这个时间就是日期往后推一天的结果

            //创建jwt
            JWTCreator.Builder builder = JWT.create().
                    withIssuer(ISSUER). //发行人
                    withExpiresAt(expireDatePoint); //过期时间点

            //传入参数
            claims.forEach((key, value) -> {
                builder.withClaim(key, value);
            });

            //签名加密
            return builder.sign(algorithm);
        } catch (IllegalArgumentException | UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * 生成token
     *
     * @param claims
     * @param expireDatePoint 过期时间点
     * @return
     */
    public static String genToken(Map claims, Date expireDatePoint) {

        try {
            //使用HMAC256进行加密
            Algorithm algorithm = Algorithm.HMAC256(Const.TOKENSALT);

            //创建jwt
            JWTCreator.Builder builder = JWT.create().
                    withIssuer(ISSUER). //发行人
                    withExpiresAt(expireDatePoint); //过期时间点

            //传入参数
            claims.forEach((key, value) -> {
                builder.withClaim(key, value);
            });

            //签名加密
            return builder.sign(algorithm);
        } catch (IllegalArgumentException | UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * 解密jwt
     *
     * @param token
     * @return
     * @throws RuntimeException
     */
    public static Map verifyToken(String token) throws RuntimeException {
        Algorithm algorithm = null;
        try {
            //使用HMAC256进行加密
            algorithm = Algorithm.HMAC256(Const.TOKENSALT);
        } catch (IllegalArgumentException | UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }

        //解密
        JWTVerifier verifier = JWT.require(algorithm).withIssuer(ISSUER).build();
        DecodedJWT jwt = verifier.verify(token);
        Map map = jwt.getClaims();
        Map resultMap = new HashMap<>();
        map.forEach((k, v) -> resultMap.put(k, v.asString()));
        return resultMap;
    }


    /**
     * sign 签名 (参数名按ASCII码从小到大排序(字典序)+key+MD5+转大写签名)
     * @param
     * @return
     */
    public static String encodeSign(Map params){
        StringBuilder sb = new StringBuilder();
        // 将参数以参数名的字典升序排序
        Map sortParams = new TreeMap(params);
        // 遍历排序的字典,并拼接"key=value"格式
        for (Map.Entry entry : sortParams.entrySet()) {
            if (entry.getKey().equals("sign")) {
                continue;
            }
            String[] values = (String[])entry.getValue();
            if (sb.length()!=0) {
                sb.append("&");
            }
            // 如果参数为空, 那么直接跳过
            if (StringTools.StringIsEmpty(values[0])) {
                continue;
            }
            sb.append(entry.getKey()).append("=").append(JsonUtil.obj2String(values[0]));
        }
        return MD5Util.MD5EncodeUtf8(sb.toString()).toUpperCase();
    }

}

package com.yundong.platform.Interceptor;

import com.yundong.platform.common.ServerResponse;
import com.yundong.platform.util.JsonUtil;
import com.yundong.platform.util.JwtUtil;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.PrintWriter;
import java.lang.reflect.Method;
import java.util.Map;
import java.util.SortedMap;

public class ParamCheckInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        //如果不是映射到方法直接通过
        if (!(handler instanceof HandlerMethod)) {
            return true;
        }
        // 校验token
        String token = request.getParameter("token");
        String user_id = request.getParameter("user_id");
        if (token != null && user_id != null) {
            try {
                Map map = JwtUtil.verifyToken(token);
                String userId = map.get("userId");
                if (!userId.equals(user_id)) {
                    PrintWriter pw = response.getWriter();
                    pw.write(JsonUtil.obj2String(ServerResponse.createByErrorMessage("token错误")));
                    pw.flush();
                    pw.close();
                    return false;
                }
            } catch (Exception e) {
                PrintWriter pw = response.getWriter();
                pw.write(JsonUtil.obj2String(ServerResponse.createByErrorMessage("token解析失败")));
                pw.flush();
                pw.close();
                return false;
            }
        }
        // 校验参数一致性
        Map map = request.getParameterMap();
        String sign = JwtUtil.encodeSign(map);
        if (!sign.equals(request.getParameter("sign"))) {
            if (request.getRequestURL().toString().contains("localhost")) {
                return true;
            }
            PrintWriter pw = response.getWriter();
            pw.write(JsonUtil.obj2String(ServerResponse.createByErrorMessage("签名校验失败")));
            pw.flush();
            pw.close();
            return false;
        }
        System.out.println("token:::" + token);
        return true;


    }

    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {

    }
}


你可能感兴趣的:(JWT和SSM拦截器验证token)