环境:SpringBoot + JWT
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.3.4.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.ray</groupId>
<artifactId>springboot-jwt</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>springboot-jwt</name>
<description>Spring Boot 整合 JWT</description>
<properties>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!--引入jwt-->
<!-- https://mvnrepository.com/artifact/com.auth0/java-jwt -->
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.11.0</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.junit.vintage</groupId>
<artifactId>junit-vintage-engine</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
## jwt 相关配置
jwt:
secret: token!Q@W#E$R%GF*DS&VC$$JKJS@@ZXC!DR
package com.ray.springbootjwt.controller;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTCreator;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.*;
import com.auth0.jwt.interfaces.DecodedJWT;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import java.util.Calendar;
/**
* @Description: JWT 测试接口
* @Author Ray
* @Date 2020/10/20 15:46
* @Version 1.0
*/
@RestController
@RequestMapping(value = "/test")
public class TestController {
@Value("${jwt.secret}")
private String secret;
/**
* 生成token
*/
@RequestMapping(value = "/createToken")
public String createToken() {
JWTCreator.Builder builder = JWT.create();
// 载体,携带的内容
builder.withClaim("id", "1")
.withClaim("username", "Ray");
// 过期时间
Calendar instance = Calendar.getInstance();
instance.add(Calendar.SECOND, 30);
// 指定令牌的过期时间
builder.withExpiresAt(instance.getTime());
// 签名,并生成token
String token = builder.sign(Algorithm.HMAC256(secret));
return token;
}
/**
* 验证token
*/
@RequestMapping(value = "/verifyToken")
public String verifyToken(String token) {
// 需要匹配相同的加密
JWTVerifier jwtVerifier = JWT.require(Algorithm.HMAC256(secret)).build();
try {
// 验证的时候,会抛出各种异常
DecodedJWT verify = jwtVerifier.verify(token);
// 假设验证通过,获取里面的信息
String id = verify.getClaim("id").asString();
String username = verify.getClaim("username").asString();
return "id: " + id + "\t username: " + username;
} catch (SignatureVerificationException e) {
e.printStackTrace();
return "error ~~ 签名不一致";
} catch (TokenExpiredException e) {
e.printStackTrace();
return "error ~~ 令牌过期";
} catch (AlgorithmMismatchException e) {
e.printStackTrace();
return "error ~~ 算法不匹配";
} catch (InvalidClaimException e) {
e.printStackTrace();
return "error ~~ 失效的payload";
} catch (Exception e) {
e.printStackTrace();
return "error ~~ token无效";
}
}
}