{
"typ":"JWT",
"alg":"HS256"
}
使用了HS256加密后的数据,包含三个部分:
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.6.0</version>
</dependency>
#jwt
audience.clientId=098f6bcd4621d373cade4e832627b4f6
audience.base64Secret=MDk4ZjZiY2Q0NjIxZDM3M2NhZGU0ZTgzMjYyN2I0ZjY=
audience.name=restapiuser
#24小时
audience.expiresSecond=86400000
/**
* @Author thailandking
* @Date 2019/8/22 16:20
* @LastEditors thailandking
* @LastEditTime 2019/8/22 16:20
* @Description JWT工具类
*/
@Component
public class JwtUtil {
@Value("${audience.clientId}")
private String clientId;
@Value("${audience.base64Secret}")
private String base64Secret;
@Value("${audience.name}")
private String name;
@Value("${audience.expiresSecond}")
private Long expiresSecond;
//解析jwt
public User parseJWT(String jsonWebToken) {
try {
Claims claims = Jwts.parser()
.setSigningKey(DatatypeConverter.parseBase64Binary(base64Secret))
.parseClaimsJws(jsonWebToken).getBody();
if (claims == null) {
return null;
}
Long id = (Long) claims.get("id");
String name = (String) claims.get("name");
User user = new User();
user.setId(id);
user.setName(name);
return user;
} catch (Exception e) {
return null;
}
}
//构建jwt
public String createJWT(User user) {
SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
//生成签名密钥
byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(base64Secret);
Key signingKey = new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getJcaName());
//添加构成JWT的参数
JwtBuilder builder = Jwts.builder().setHeaderParam("typ", "JWT")
.claim("id", user.getId())
.claim("name", user.getName())
.setIssuer(clientId)
.setAudience(name)
.signWith(signatureAlgorithm, signingKey);
//添加Token过期时间
long nowMillis = System.currentTimeMillis();
Date now = new Date(nowMillis);
long expMillis = nowMillis + expiresSecond;
Date exp = new Date(expMillis);
builder.setExpiration(exp).setNotBefore(now);
//生成JWT
return builder.compact();
}
}
public class LoginIntercepter implements HandlerInterceptor {
@Autowired
private JwtUtil jwtUtil;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
String token = request.getHeader("token");
//401
if (StringUtils.isEmpty(token)) {
response.setStatus(HttpStatus.UNAUTHORIZED.value());
return false;
}
//403
// 注入工具类
if (jwtUtil == null) {
BeanFactory factory = WebApplicationContextUtils.getRequiredWebApplicationContext(request.getServletContext());
jwtUtil = (JwtUtil) factory.getBean("jwtUtil");
}
User user = jwtUtil.parseJWT(token);
if (user == null) {
response.setStatus(HttpStatus.FORBIDDEN.value());
return false;
}
return true;
}
}
@Configuration
public class IntercepterConfig implements WebMvcConfigurer {
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new LoginIntercepter()).addPathPatterns("/user/**");
WebMvcConfigurer.super.addInterceptors(registry);
}
}
@Autowired
private JwtUtil jwtUtil;
/**
* @Author thailandking
* @Date 2019/8/22 14:13
* @LastEditors thailandking
* @LastEditTime 2019/8/22 14:13
* @Description jwt示例 用户登录
*/
@RequestMapping(value = "/login", method = RequestMethod.POST)
public Response login(@RequestParam(value = "name") String name,
@RequestParam(value = "pass") String pass) {
// 登录判定
User user = userService.getLoginUserService(name, pass);
// 生成token
String token = jwtUtil.createJWT(user);
return Response.ok().data(token);
}
@Configuration
public class CrossConfig {
@Bean
public FilterRegistrationBean corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true);
config.addAllowedOrigin("*");
config.addAllowedHeader("*");
config.addAllowedMethod("OPTIONS");
config.addAllowedMethod("HEAD");
config.addAllowedMethod("GET");
config.addAllowedMethod("PUT");
config.addAllowedMethod("POST");
config.addAllowedMethod("DELETE");
config.addAllowedMethod("PATCH");
source.registerCorsConfiguration("/**", config);
final FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
bean.setOrder(0);
return bean;
}
@Bean
public WebMvcConfigurer mvcConfigurer() {
return new WebMvcConfigurer() {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**").allowedMethods("GET", "PUT", "POST", "GET", "OPTIONS");
}
};
}
}