//校验token(新)
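/**
 * Validates a signed JWT and copies its identity claims into a {@link CheckResult}.
 *
 * <p>Success is reported only when {@code parser} returned a claim set (signature and
 * expiry are checked there) and the {@code ID} claim is present. A blank token, the
 * literal string {@code "null"}, a bad signature, a malformed token or a missing
 * {@code ID} claim all yield {@code JWT_ERRCODE_FAIL}; an expired token yields
 * {@code JWT_ERRCODE_EXPIRE}.
 *
 * @param jwtStr compact JWT string as received from the client; may be null or blank
 * @return a result whose success flag is true only for a verified token; claims are set
 *         only on success
 */
public static CheckResult validateJWT(String jwtStr) {
    CheckResult checkResult = new CheckResult();
    try {
        Map jwtClaims = parser(jwtStr);
        if (jwtClaims == null) {
            // parser() returns null for a blank or literal "null" token without verifying
            // anything. Previously this path fell through to setSuccess(true) with null
            // claims (presumably MapUtils.getString tolerates a null map), so a request
            // carrying no token was reported as authenticated.
            checkResult.setErrCode(Constant.JWT_ERRCODE_FAIL);
            checkResult.setSuccess(false);
            return checkResult;
        }
        String id = MapUtils.getString(jwtClaims, ID);
        String userName = MapUtils.getString(jwtClaims, USER_NAME);
        if (id == null) {
            // A correctly signed token without an identity claim must not authenticate
            // anyone; tokens issued by createJWT always carry ID.
            checkResult.setErrCode(Constant.JWT_ERRCODE_FAIL);
            checkResult.setSuccess(false);
            return checkResult;
        }
        Claims claims = new DefaultClaims();
        claims.setId(id);
        claims.setSubject(userName);
        checkResult.setSuccess(true);
        checkResult.setClaims(claims);
    } catch (ExpiredJwtException e) {
        // Expiry is reported separately so callers can ask the client to log in again.
        checkResult.setErrCode(Constant.JWT_ERRCODE_EXPIRE);
        checkResult.setSuccess(false);
    } catch (Exception e) {
        // Bad signature, malformed or unsupported token, key problems: fail closed.
        checkResult.setErrCode(Constant.JWT_ERRCODE_FAIL);
        checkResult.setSuccess(false);
    }
    return checkResult;
}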
//重新定义生成token
/**
 * Issues a signed token for the given user id and user name.
 *
 * <p>A fresh random UUID is attached to the user as its token value before signing;
 * {@code createJWTToken} stores it in the token under {@code LOGIN_USER_KEY}.
 *
 * @param id        user id as a decimal string; parsed with {@link Long#parseLong(String)}
 * @param subject   user name placed in the token
 * @param ttlMillis token lifetime in milliseconds
 * @return the compact JWT, or {@code null} when {@code createJWTToken} produces none
 *         (it does so for a negative {@code ttlMillis})
 * @throws NumberFormatException if {@code id} is not a parsable long
 * @throws IOException declared by the signature; nothing in this body raises it
 */
public static String createJWT(String id, String subject, long ttlMillis) throws IOException {
    User tokenOwner = new User();
    tokenOwner.setId(Long.parseLong(id));
    tokenOwner.setUserName(subject);
    // Per-token random handle, generated anew on every call.
    tokenOwner.setToken(UUID.randomUUID().toString());
    return createJWTToken(tokenOwner, ttlMillis);
}
//jwt解析
/**
 * Parses a compact JWS with the shared signing key and returns its claims.
 *
 * <p>Security note: a {@code null} return means "no token was supplied", not "token is
 * valid". Nothing is verified on that path, so every caller must treat {@code null} as
 * an authentication failure.
 *
 * @param jwtStr compact JWT string; may be null or blank
 * @return the token's claims, or {@code null} when the input is blank or the literal
 *         string {@code "null"}
 */
private static Map parser(String jwtStr) {
    boolean tokenMissing = StringUtils.isBlank(jwtStr) || "null".equals(jwtStr);
    if (tokenMissing) {
        return null;
    }
    // parseClaimsJws is the signed-token entry point; failures surface as exceptions
    // that the caller is expected to handle.
    return Jwts.parser()
            .setSigningKey(getKeyInstance())
            .parseClaimsJws(jwtStr)
            .getBody();
}
/**
 * Extracts the random login handle (the {@code LOGIN_USER_KEY} claim) from a token.
 *
 * @param jwtToken compact JWT string; may be null or blank
 * @return the claim value, or {@code null} when the token is blank, is the literal
 *         string {@code "null"}, fails to parse or verify, or lacks the claim
 */
private String getUUIDFromJWT(String jwtToken) {
    boolean tokenMissing = StringUtils.isBlank(jwtToken) || "null".equals(jwtToken);
    if (tokenMissing) {
        return null;
    }
    String loginHandle = null;
    try {
        Map<String, Object> body = Jwts.parser()
                .setSigningKey(getKeyInstance())
                .parseClaimsJws(jwtToken)
                .getBody();
        loginHandle = MapUtils.getString(body, LOGIN_USER_KEY);
    } catch (Exception e) {
        // NOTE(review): every verification failure (expired, bad signature, malformed)
        // collapses to null here and is only printed to stderr; routing this through the
        // application's logger would make rejected tokens visible to monitoring.
        e.printStackTrace();
    }
    return loginHandle;
}
/**
 * Builds the lookup key for a login handle by prefixing it with {@code "tokens:"}.
 *
 * @param uuid login handle; a null value is rendered as the text {@code "null"}
 * @return the prefixed key
 */
private static String getTokenKey(String uuid) {
    final String prefix = "tokens:";
    return prefix + uuid;
}
// Claim name under which createJWTToken stores the user's random token value.
private static final String LOGIN_USER_KEY = "LOGIN_USER_KEY";
// Claim name for the user id; read back by validateJWT.
private static final String ID = "ID";
// Claim name for the user name; read back by validateJWT.
private static final String USER_NAME = "USER_NAME";
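/**
 * Builds and signs an HS256 token for {@code user}.
 *
 * <p>The payload carries the custom claims {@code LOGIN_USER_KEY}, {@code ID} and
 * {@code USER_NAME} plus the registered claims {@code jti}, {@code sub}, {@code iat}
 * and {@code exp}.
 *
 * @param user      source of the id, user name and random token value
 * @param ttlMillis lifetime in milliseconds; {@code 0} produces a token that expires at
 *                  issue time
 * @return the compact JWT, or {@code null} when {@code ttlMillis} is negative
 */
private static String createJWTToken(User user, long ttlMillis) {
    Map<String, Object> claims = new HashMap<>();
    // Random string stored in the token; it can be used to look up the logged-in user.
    claims.put(LOGIN_USER_KEY, user.getToken());
    claims.put(ID, user.getId());
    claims.put(USER_NAME, user.getUserName());

    if (ttlMillis < 0) {
        // Unchanged contract: a negative lifetime yields no token rather than a
        // non-expiring one.
        return null;
    }

    long nowMillis = System.currentTimeMillis();
    Date now = new Date(nowMillis);
    Date expDate = new Date(nowMillis + ttlMillis);

    // setClaims(Map) replaces the builder's whole claim set, so it has to come first.
    // In the previous order (setId/setSubject/setIssuedAt, then setClaims) the jti, sub
    // and iat values were discarded and the issued token carried only the custom claims
    // and exp.
    return Jwts.builder()
            .setClaims(claims)
            .setId(String.valueOf(user.getId()))
            .setSubject(user.getUserName())
            .setIssuedAt(now)
            .setExpiration(expDate)
            .signWith(SignatureAlgorithm.HS256, getKeyInstance())
            .compact();
}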
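// Cached HMAC key. Declared volatile because double-checked locking is only safe under
// the Java memory model when the checked field is volatile; without it another thread
// may observe a non-null reference to a not-yet-fully-constructed key.
private static volatile Key KEY = null;
// Base64-encoded HMAC secret. This is a shared symmetric secret, not an asymmetric
// private key: anyone who holds it can mint valid tokens.
// It is empty in this listing; an empty secret makes SecretKeySpec throw
// IllegalArgumentException, so signing and verification fail until a real value is set.
// Supply it from configuration or a secret store rather than committing it to source,
// and use at least 256 bits of random data for HS256.
private static String jwtSecret = "";

/**
 * Returns the process-wide HS256 signing key, creating it on first use.
 *
 * <p>The key is derived once from {@code jwtSecret} and cached, so later changes to the
 * secret are not picked up.
 *
 * @return the cached signing key
 * @throws IllegalArgumentException if the decoded secret is empty
 */
private static Key getKeyInstance() {
    // Read the volatile field once on the fast path.
    Key key = KEY;
    if (key == null) {
        synchronized (TokenServiceJWTImpl.class) {
            // Double-checked locking: re-read under the lock before building the key.
            key = KEY;
            if (key == null) {
                byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(jwtSecret);
                key = new SecretKeySpec(apiKeySecretBytes, SignatureAlgorithm.HS256.getJcaName());
                KEY = key;
            }
        }
    }
    return key;
}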
来源:CSDN
作者:亦、相牵
链接:https://blog.csdn.net/weixin_45637293/article/details/104021013