Jwt

收藏一篇好文 SpringBoot 中使用 JWT

JWT 生成登录凭证案例【token】

依赖

<!-- jwt -->
<dependency>
    <groupId>io.jsonwebtoken</groupId>
    <artifactId>jjwt</artifactId>
    <version>0.9.1</version>
</dependency>

jwt配置

chenfu:
  audience:
    # 密钥, 经过Base64加密, 可自行替换
    base64Secret: MDk4ZjZiY2Q0NjIxZDM3M2NhZGU0ZTgzMjYyN2I0ZjY=
    # JWT的签发主体，存入issuer
    name: chenfu
    # 过期时间，时间戳
    expiresSecond: 60

配置类

@SpringBootConfiguration
@ConfigurationProperties(prefix = "chenfu")
public class AudienceConfig {

    @Getter
    private final Audience audience = new Audience();

    @Data
    public static class Audience {
        private String base64Secret;
        private String name;
        private int expiresSecond;
    }

}

token 的签发和获取过期时间

@Component
public class JwtUtils {

    @Autowired
    AudienceConfig audienceConfig;

//    签发 token
    public String getToken(String sub) {
        AudienceConfig.Audience configAudience = audienceConfig.getAudience();
        Key key = new SecretKeySpec(DatatypeConverter.parseBase64Binary(configAudience.getBase64Secret()), SignatureAlgorithm.HS512.getJcaName());
        String token = Jwts.builder()
                .setSubject(sub)
                .signWith(SignatureAlgorithm.HS512, key)
                .setExpiration(new Date(System.currentTimeMillis() + configAudience.getExpiresSecond() * 1000))
                .compact();
        return token;
    }

//    获取过期时间，注意如果已经过期会抛过期异常 
//    io.jsonwebtoken.ExpiredJwtException.class
    public String getSubject(String token) {
        AudienceConfig.Audience configAudience = audienceConfig.getAudience();
        Key key = new SecretKeySpec(DatatypeConverter.parseBase64Binary(configAudience.getBase64Secret()), SignatureAlgorithm.HS512.getJcaName());
        return Jwts.parser()
                .setSigningKey(key)
                .parseClaimsJws(token)
                .getBody()
                .getSubject();
    }

}

打赏