1.定義checkToken枚舉
package com.jwt; /** * 枚舉,定義token的三種狀態 * @author DrangoneYu@163.com * */ public enum TokenState { /** * 過期 */ EXPIRED("EXPIRED"), /** * 無效(token不合法) */ INVALID("INVALID"), /** * 有效的 */ VALID("VALID"); private String state; private TokenState(String state) { this.state = state; } /** * 根據狀態字符串獲取token狀態枚舉對象 * @param tokenState * @return */ public static TokenState getTokenState(String tokenState){ TokenState[] states=TokenState.values(); TokenState ts=null; for (TokenState state : states) { if(state.toString().equals(tokenState)){ ts=state; break; } } return ts; } public String toString() { return this.state; } public String getState() { return state; } public void setState(String state) { this.state = state; } }
2.生成TOKEN及檢驗TOKEN工具類
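package com.jwt;

import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JOSEObjectType;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.JWSObject;
import com.nimbusds.jose.JWSVerifier;
import com.nimbusds.jose.Payload;
import com.nimbusds.jose.crypto.MACSigner;
import com.nimbusds.jose.crypto.MACVerifier;

import net.minidev.json.JSONObject;

/**
 * Utility for issuing and checking HMAC-signed (HS256) tokens.
 *
 * <p>Tokens produced here are signed, not encrypted: the payload can be read by
 * anyone who holds the token, so it must not carry confidential data.
 *
 * @author DrangoneYu@163.com
 */
public class Jwt {

    /**
     * Shared HMAC secret.
     *
     * <p>NOTE(review): the key is a literal in source code. Anyone who can read the
     * source or the compiled class can sign tokens that this class accepts. A real
     * deployment should load the key from protected configuration and use a
     * randomly generated value; the literal is kept here only so that the
     * example keeps working unchanged.
     *
     * <p>The bytes are taken as UTF-8 explicitly so that the key does not depend
     * on the platform default charset.
     */
    private static final byte[] SECRET =
            "DrangoneYu@163fac04467df11fff26d".getBytes(StandardCharsets.UTF_8);

    /**
     * Fixed header for every issued token:
     * {
     *   "alg":"HS256",
     *   "typ":"JWT"
     * }
     */
    private static final JWSHeader header = new JWSHeader(JWSAlgorithm.HS256, JOSEObjectType.JWT,
            null, null, null, null, null, null, null, null, null, null, null);

    /**
     * Creates a signed token. Intended to be called only after the user has logged
     * in successfully.
     *
     * @param payload custom claims such as user id, issue time and expiry time;
     *                {@link #validToken(String)} only enforces expiry when the
     *                payload contains an "ext" entry
     * @return the serialized token, or {@code null} if signing failed
     */
    public static String createToken(Map<String, Object> payload) {
        String tokenString = null;
        // Build the JWS object from the fixed header and the caller's claims.
        JWSObject jwsObject = new JWSObject(header, new Payload(new JSONObject(payload)));
        try {
            // Sign with HMAC using the shared secret, then serialize.
            jwsObject.sign(new MACSigner(SECRET));
            tokenString = jwsObject.serialize();
        } catch (JOSEException e) {
            System.err.println("簽名失敗:" + e.getMessage());
            e.printStackTrace();
        }
        return tokenString;
    }

    /**
     * Checks a token and reports the outcome in a map with two possible keys:
     * "state" (the label of a {@link TokenState}) and "data" (the payload taken
     * from the token). Intended to be called from a filter on every API request.
     *
     * <p>"data" is present for both VALID and EXPIRED results and absent for
     * INVALID; callers must check "state" before trusting "data".
     *
     * <p>Expiry is enforced only when the payload contains "ext", which is compared
     * with the current time in milliseconds. A correctly signed token without
     * "ext" is reported as VALID indefinitely.
     *
     * @param token the serialized token received from the client
     * @return a map holding "state" and, unless the token is invalid, "data"
     */
    public static Map<String, Object> validToken(String token) {
        Map<String, Object> resultMap = new HashMap<String, Object>();
        try {
            JWSObject jwsObject = JWSObject.parse(token);
            JWSVerifier verifier = new MACVerifier(SECRET);

            // Accept only the algorithm this class issues. The header comes from the
            // client, so the expected algorithm is pinned instead of trusting it.
            boolean expectedAlg = JWSAlgorithm.HS256.equals(jwsObject.getHeader().getAlgorithm());

            if (expectedAlg && jwsObject.verify(verifier)) {
                JSONObject claims = jwsObject.getPayload().toJSONObject();
                // Signature is good; expiry has not been checked yet.
                resultMap.put("state", TokenState.VALID.toString());
                // Expiry is checked only when the payload carries "ext".
                if (claims.containsKey("ext")) {
                    long extTime = Long.parseLong(claims.get("ext").toString());
                    long curTime = new Date().getTime();
                    if (curTime > extTime) {
                        // Expired: replace the VALID state.
                        resultMap.clear();
                        resultMap.put("state", TokenState.EXPIRED.toString());
                    }
                }
                resultMap.put("data", claims);
            } else {
                // Wrong algorithm or signature mismatch.
                resultMap.put("state", TokenState.INVALID.toString());
            }
        } catch (Exception e) {
            // Malformed token or unusable claims: report INVALID and drop anything
            // that was already placed in the result.
            resultMap.clear();
            resultMap.put("state", TokenState.INVALID.toString());
        }
        return resultMap;
    }
}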
/**
 * Usage example: issues a token for one user that expires one hour after it is
 * created. "iat" and "ext" are custom entries holding milliseconds since the
 * epoch, the unit that Jwt.validToken compares "ext" against.
 */
public static void main(String[] args) {
    long issuedAt = new Date().getTime();
    long oneHour = 1000 * 60 * 60;

    Map<String, Object> payload = new HashMap<String, Object>();
    payload.put("uid", "291969452");        // user id
    payload.put("iat", issuedAt);           // issue time
    payload.put("ext", issuedAt + oneHour); // expiry time: one hour later

    String token = Jwt.createToken(payload);
}
3.依賴jar
asm-1.0-RC1.jar
java-property-utils-1.9.1.jar
json-smart-2.0-RC2.jar
nimbus-jose-jwt-4.1.3.1.jar