Files
love-nav/src/main/java/com/lovenav/utils/TokenUtils.java
2023-12-23 16:23:38 +08:00

122 lines
3.9 KiB
Java
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

package com.lovenav.utils;
import com.google.common.io.BaseEncoding;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
@Component
public class TokenUtils {
private static long tokenExpiredTime;
private static String jwtId;
private static String jwtSecret;
/**
* 创建JWT
*/
public static String createJWT(Map<String, Object> claims, Long time) {
//指定签名的时候使用的签名算法也就是header那部分jjwt已经将这部分内容封装好了。
SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
Date now = new Date(System.currentTimeMillis());
SecretKey secretKey = generalKey();
//生成JWT的时间
long nowMillis = System.currentTimeMillis();
//下面就是在为payload添加各种标准声明和私有声明了
//这里其实就是new一个JwtBuilder设置jwt的body
JwtBuilder builder = Jwts.builder()
//如果有私有声明一定要先设置这个自己创建的私有的声明这个是给builder的claim赋值一旦写在标准的声明赋值之后就是覆盖了那些标准的声明的
.setClaims(claims)
//设置jti(JWT ID)是JWT的唯一标识根据业务需要这个可以设置为一个不重复的值主要用来作为一次性token,从而回避重放攻击。
.setId(jwtId)
//iat: jwt的签发时间
.setIssuedAt(now)
//设置签名使用的签名算法和签名使用的秘钥
.signWith(signatureAlgorithm, secretKey);
if (time >= 0) {
long expMillis = nowMillis + time;
Date exp = new Date(expMillis);
//设置过期时间
builder.setExpiration(exp);
}
return builder.compact();
}
/**
* 验证jwt
*/
public static Claims verifyJwt(String token) {
//签名秘钥,和生成的签名的秘钥一模一样
SecretKey key = generalKey();
Claims claims;
try {
claims = Jwts.parser() //得到DefaultJwtParser
.setSigningKey(key) //设置签名的秘钥
.parseClaimsJws(token).getBody();
} catch (Exception e) {
claims = null;
}//设置需要解析的jwt
return claims;
}
/**
* 由字符串生成加密key
*
* @return SecretKey
*/
public static SecretKey generalKey() {
String stringKey = jwtSecret;
byte[] encodedKey = BaseEncoding.base64().decode(stringKey);
SecretKey key = new SecretKeySpec(encodedKey, 0, encodedKey.length, "HmacSHA256");
return key;
}
/**
* 根据userId和openid生成token
*/
public static String generateToken(String openId) {
Map<String, Object> map = new HashMap<>();
map.put("openId", openId);
return createJWT(map, tokenExpiredTime);
}
@Value("${jwt.token-expired-time}")
public void setTokenExpiredTime(long tokenExpiredTime) {
TokenUtils.tokenExpiredTime = tokenExpiredTime;
}
@Value("${jwt.id}")
public void setJwtId(String jwtId) {
TokenUtils.jwtId = jwtId;
}
@Value("${jwt.secret}")
public void setJwtSecret(String jwtSecret) {
TokenUtils.jwtSecret = jwtSecret;
}
public static long getTokenExpiredTime() {
return tokenExpiredTime;
}
public static String getJwtId() {
return jwtId;
}
public static String getJwtSecret() {
return jwtSecret;
}
}