一 生成公私鑰
public static void main(String[] args) throws NoSuchAlgorithmException { KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA"); KeyPair keyPair = keyPairGenerator.generateKeyPair(); Key publicKey = keyPair.getPublic(); Key privateKey = keyPair.getPrivate(); System.out.println( (new BASE64Encoder()).encodeBuffer(privateKey.getEncoded())); System.out.println( (new BASE64Encoder()).encodeBuffer(publicKey.getEncoded())); }
生成公私鑰備用
二 頒發token項目使用私鑰生成
通過BASE64編碼轉換為私鑰
byte[] keyBytes;
keyBytes = Base64.getDecoder().decode(privateKey.getBytes());
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
return keyFactory.generatePrivate(keySpec);
通過私鑰生成數據 claim 為自定義數據
public static String ecode(String account, String subject, long expired, Map<String, Object> data, Key privateKey)
{
try
{
JSONObject HEADER = JSONObject.parseObject("{'type':'JWT','sign':'RS256'}");
Long nowMillis = System.currentTimeMillis();
Date createTime = new Date(nowMillis);
Date expiredTime = new Date(nowMillis + expired);
JwtBuilder builder = Jwts.builder();
builder.setHeader(HEADER).setId(UUID.randomUUID().toString()).setIssuer("頒發者").setAudience(account).setSubject(subject).setIssuedAt(createTime).setNotBefore(createTime).setExpiration(expiredTime).signWith(SIGNATURE_TYPE, privateKey);
builder.claim("data", data);
return builder.compact();
}
catch (Exception e)
{
e.printStackTrace();
}
return "";
}
三 通過公鑰獲取數據
通過BASE64編碼轉換為公鑰
byte[] keyBytes = Base64.getDecoder().decode("publicKeyString");
X509EncodedKeySpec keySpec=new X509EncodedKeySpec(keyBytes);
KeyFactory keyFactory= KeyFactory.getInstance("RSA");
keyFactory.generatePublic(keySpec);
通過公鑰解析數據
String jwtString = "";
// 使用公鑰解析JWT內容
Claims claims = dcode(jwtString, keyFactory.generatePublic(keySpec));
System.out.println(claims.getExpiration());
System.out.println(new Date());
System.out.println(claims.getExpiration());
System.out.println(claims.get("data"));
System.out.println();