令牌
- Header:加密类型,BASE64
- Payload:有效信息,BASE64
- Signature:数字签名,单向加密
依赖
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.18.2</version>
</dependency>
JWTUtil
@Component
@ConfigurationProperties(prefix = "jwt")
@EnableConfigurationProperties
public class JwtUtil {
private String key;
private Long expire;
public String getKey() {
return key;
}
public void setKey(String key) {
this.key = key;
}
public Long getExpire() {
return expire;
}
public void setExpire(Long expire) {
this.expire = expire;
}
/**
* 验证token是否合法
* @param token
* @return
*/
public boolean verifyToken(String token) {
try {
JWT.require(Algorithm.HMAC256(key)).build().verify(token);
return true;
} catch (JWTVerificationException e) {
return false;
}
}
/**
* 生成token
* @param data
* @return
*/
public String generateToken(String data) {
return JWT.create()
.withClaim("data", data)
.withExpiresAt(new Date(System.currentTimeMillis() + expire * 1000))
.sign(Algorithm.HMAC256(key));
}
/**
* 解析token
* @param token
* @return
*/
public String parseToken(String token) {
return JWT.require(Algorithm.HMAC256(key))
.build()
.verify(token)
.getClaim("data")
.asString();
}
/**
* 解析token且忽略过期时间
* @param token
* @return
*/
public String parseTokenIgnoreExpire(String token) {
return JWT.decode(token).getClaim("data").asString();
}
/**
* 获取token的过期时间
* @param token
* @return
*/
public Date getTokenExpireTime(String token) {
return JWT.decode(token).getExpiresAt();
}
}
jwt:
key: die
expire: 20
