入门JWT

于 2020-11-13 15:47:00 发布
阅读量156 收藏
点赞数
CC 4.0 BY-SA版权
分类专栏: java 文章标签: jwt
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.youkuaiyun.com/leiPlus/article/details/109670721
本文介绍了JWT的初步使用,包括创建简单示例、结合拦截器实现认证,并详细讲解了jjwt库的运用,包括JwtUtils和Interceptor的配置以及JJwtUtils在测试类中的应用。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

一、简单demo

		<dependency>
            <groupId>com.auth0</groupId>
            <artifactId>java-jwt</artifactId>
            <version>3.10.3</version>
        </dependency>

      @Test
    public void test1() {
        Map<String, Object> map = new HashMap<>();
        Calendar instance = Calendar.getInstance();
        instance.add(Calendar.SECOND, 60);
        String token = JWT.create()
                //设置头
                .withHeader(map)
                //设置内容
                .withClaim("userId", 12)
                .withClaim("userName", "xiaowang")
                //过期时间
                .withExpiresAt(instance.getTime())
                //签名算法
                .sign(Algorithm.HMAC256("sadsa555"));
        System.out.println(token);
    }

    @Test
    public void test2() {
        //创建验证对象
        JWTVerifier verifier = JWT.require(Algorithm.HMAC256("sadsa555")).build();
        DecodedJWT verify = verifier.verify("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyTmFtZSI6InhpYW93YW5nIiwiZXhwIjoxNjA1MjM2MDk3LCJ1c2VySWQiOjEyfQ.hY13p-SDWYQXMvalMBBiwd57OowR8FFNN0K13xLRzZw");
        System.out.println(verify.getClaim("userId").asInt());
//        System.out.println(verify.getClaims().get("userId").asString());
        System.out.println(verify.getClaims().get("userName").asString());
    }

在这里插入图片描述

二、拦截器+jwt

JwtUtils

package com.springboot.utils;

import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTCreator;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;

import java.util.Calendar;
import java.util.Map;

public class JwtUtils {

    private static final String SING = "@WWQss232";

    /**
     * 生成token
     */
    public static String getToken(Map<String,String> map){
        Calendar instance = Calendar.getInstance();
//        instance.add(Calendar.DATE, 7);
        instance.add(Calendar.SECOND, 60);
        //创建jwtBuilder
        JWTCreator.Builder builder = JWT.create();
        //自定义参数
        for(String key:map.keySet()){
            builder.withClaim(key, map.get(key));
        }
//        map.forEach((k,v)->{
//            builder.withClaim(k, v);
//        });
        //设置过期时间及签名
        String token = builder.withExpiresAt(instance.getTime())
                .sign(Algorithm.HMAC256(SING));
        return token;
    }

    /**
     * 解析token
     */
    public static DecodedJWT verify(String token){
       return JWT.require(Algorithm.HMAC256(SING)).build().verify(token);
    }

}

interceptor

package com.springboot.interceptor;

import com.auth0.jwt.interfaces.DecodedJWT;
import com.springboot.utils.JwtUtils;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.Map;

public class JwtInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        System.out.println("进入拦截器---");
        Map<String,Object> map = new HashMap<>();
        String token = request.getHeader("token");
        try {
            DecodedJWT verify = JwtUtils.verify(token);
            request.setAttribute("userId", verify.getClaim("userId").asString());
            request.setAttribute("username", verify.getClaim("username").asString());
            return true;
        } catch (Exception e) {
            e.printStackTrace();
            map.put("code",400 );
            map.put("msg","token无效" );
        }
//        response.setContentType("application/json;charset=UTF-8");
        response.getWriter().print("token无效");
        response.getWriter().flush();
        response.getWriter().close();
        return false;

    }
}

@Configuration
public class JwtInterceptorConfig implements WebMvcConfigurer {
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(new JwtInterceptor())
                .addPathPatterns("/user/**")
                .excludePathPatterns("/user/login");
    }
}

控制层

package com.springboot.controller;

import com.auth0.jwt.interfaces.DecodedJWT;
import com.springboot.utils.JwtUtils;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.Map;

@Controller
@RequestMapping("/user")
public class UserController {

    @PostMapping("/login")
    @ResponseBody
    public Map<String, Object>  login(String username){
        Map<String, Object> map = new HashMap<>();
        if(!username.equals("admin")){
            map.put("msg","用户不存在" );
            map.put("code",400 );
            return map;
        }
        Map<String, String> payload = new HashMap<>();
        payload.put("userId","1001" );
        payload.put("username",username );
        String token = JwtUtils.getToken(payload);
        map.put("token",token );
        map.put("msg","请求成功" );
        map.put("code",200 );
        return map;

    }

    @GetMapping("/getUser")
    @ResponseBody
    public Map<String, Object>  getUser(HttpServletRequest request){
        Map<String, Object> map = new HashMap<>();
        try {
            DecodedJWT verify = JwtUtils.verify(request.getHeader("token"));
            map.put("userId",verify.getClaim("userId").asString() );
            map.put("username",verify.getClaim("username").asString() );
            map.put("msg","请求成功" );
            map.put("code",200 );
        } catch (Exception e) {
            map.put("msg","token失效" );
            map.put("code",400 );
        }
        return map;

    }

    /**
     * 拦截器传入
     */
    @GetMapping("/getUserTest")
    @ResponseBody
    public Map<String, Object>  getUserTest(HttpServletRequest request){
        Map<String, Object> map = new HashMap<>();
        map.put("userId", request.getAttribute("userId"));
        map.put("username", request.getAttribute("username"));
        return map;
    }


}

三、jjwt

<dependency>
            <groupId>io.jsonwebtoken</groupId>
            <artifactId>jjwt</artifactId>
            <version>0.9.0</version>
        </dependency>

JJwtUtils

package com.springboot.utils;

import com.auth0.jwt.algorithms.Algorithm;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;

import java.util.Calendar;
import java.util.Map;

public class JJwtUtils {

    private static final String SIGN = "@WWQss232";

    /**
     * 生成token
     */
    public static String getToken(Map<String,String> map){
        Calendar instance = Calendar.getInstance();
//        instance.add(Calendar.DATE, 7);
        instance.add(Calendar.SECOND, 60);

        JwtBuilder builder = Jwts.builder();
        //自定义参数
        for(String key:map.keySet()){
            builder.claim(key, map.get(key));
        }
        builder.setExpiration(instance.getTime())
                .signWith(SignatureAlgorithm.HS256,SIGN);
        String token = builder.compact();
        System.out.println("toekn"+ token);
        return token;
    }
    /**
     * 解析token
     */
    public static Claims verifyToken(String token){
        Claims claims = (Claims)Jwts.parser()
                .setSigningKey(SIGN)
                .parse(token)
                .getBody();
        System.out.println("userId"+ claims.get("userId").toString());
        System.out.println("username"+ claims.get("username").toString());
        return claims;
    }
}

test类

import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.springboot.utils.JJwtUtils;
import org.junit.Test;

import java.util.Calendar;
import java.util.HashMap;
import java.util.Map;


public class test1 {

    @Test
    public void test3(){
        Map<String, String> payload = new HashMap<>();
        payload.put("userId","1001" );
        payload.put("username","123" );
        String token = JJwtUtils.getToken(payload);
        System.out.println(token);
    }

    @Test
    public void test4(){
        JJwtUtils.verifyToken("eyJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiIxMDAxIiwidXNlcm5hbWUiOiIxMjMiLCJleHAiOjE2MDUyNTI0ODF9.rlZkS2v8Avq1m-2GNpL75ik97C9JYT3pT48giVd8-eA");
    }

}
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值