苹果第三方登入

最近随着iOS的更新，苹果要求含有第三方登录的app必须实现苹果登录功能，在查询相关资料后整合进自己的项目中，再次记录下，也供大家借鉴。
以下是大致流程，挺简单的

第一步如果想用 JWT 解析验证，那么导包

<dependency>
    <groupId>io.jsonwebtoken</groupId>
    <artifactId>jjwt</artifactId>
    <version>0.9.1</version>
</dependency>
<dependency>
    <groupId>com.auth0</groupId>
    <artifactId>jwks-rsa</artifactId>
    <version>0.9.0</version>
</dependency>

第二步上代码

public static void main(String[] args) throws IOException {
     

        // 假设这是前台传递过来的, userID 可以和 解析的 sub进行比较，判断是否一致
        String identityToken="eyJraWQiOiI4NkQ4OEtm14564d65asdUlMyNTYifQ.eyJpc3MiOiJodHRwczovL2FwcGxlaWQuYXBwbGUuY29tIiwiYXVkIjoiY29tLnRvbXN6Lk5KRiIsImV4cCI6MTU5MzY1ODkyNCwiaWF0IjoxNTkzNjU4MzI0LCJzdWIiOiIwMDE0MDEuNDdkZjFiZDNkMGYyNDliZDg2NDYwMGJiNjQ4ZTdhMzcuMDIzMyIsImNfaGFzaCI6InFrOUJIYjZhUWJhd0dQR2stanBmb2ciLCJlbWFpbCI6IjM1MzczNTU4MUBxcS5jb20iLCJlbWFpbF92ZXJpZmllZCI6InRydWUiLCJhdXRoX3RpbWUiOjE1OTM2NTgzMjQsIm5vbmNlX3N1cHBvcnRlZCI6dHJ1ZX0.ciJvAMmz4X-zvgNQmp7TqdTDaQt25uzR06rHH_CcOzr1ftDfi3urCTT56RNAMEB0glEHVGdDx1RrUQhgvEdMd3ZzQTauoWcx0sFOBkBiyhZsae99j7na8y8vjQRyHmsDaoroxjImsOHBf_M4jpmq40yDG0VqQijiaAMs8PWmPM5OT814gWDmGcjA_gIKvv7L1iBny6TZghC0KlyEARRJi30sY48DR1FeLNYqnR5DznCj0G7Yl_ofwo0EVMINknqwNHWi6sQlnop5Nj1E79U7Bi7xPCknUjEaLXyt0r_6Iv720pwjeuN_jFoQBn00_QfQt8_ojxkpenJDpbDON_g3-A";
        String userID="001401.84541352135864600bb648e7a37.0233";
        String aud="";
        String sub="";
        if (identityToken.split("\\.").length > 1) {
     
            String claim = new String(Base64.decodeBase64(identityToken.split("\\.")[1]));
            JSONObject jsonObject = JSONObject.parseObject(claim);
             aud = jsonObject.get("aud").toString();
             sub = jsonObject.get("sub").toString();
        }

        // 通过 HttpClient 请求获取的公钥 keys
        HttpRespons httpRespons = new HttpRequester().sendGet("https://appleid.apple.com/auth/keys");
        System.out.println(httpRespons.getContent());

        String appleKey =httpRespons.getContent();

        Map maps = (Map) JSON.parse(appleKey);
        List<Map> keys = (List<Map>) maps.get("keys");
        String verify=null;
        for (Map key : keys) {
     
            Jwk jwa = Jwk.fromValues(key);
            PublicKey publicKey = jwa.getPublicKey();
            verify = verify(publicKey, identityToken, aud, sub);
            if ("SUCCESS".equals(verify)){
     
                return;
            }
        }
        System.out.println("最终结果："+verify);
    }
    public static String verify(PublicKey key, String jwt, String audience, String subject) {
     
        JwtParser jwtParser = Jwts.parser().setSigningKey(key);
        jwtParser.requireIssuer("https://appleid.apple.com");
        jwtParser.requireAudience(audience);
        jwtParser.requireSubject(subject);
        try {
     
            Jws<Claims> claim = jwtParser.parseClaimsJws(jwt);
            if (claim != null && claim.getBody().containsKey("auth_time")) {
     
                return "SUCCESS";
            }
            return "FAIL";
        } catch (ExpiredJwtException e) {
     
            e.printStackTrace();
            return "token超时,请重新点击";
        } catch (Exception e) {
     
            e.printStackTrace();
            return "token解析失败，建议更换登入方式";
        }
    }