Java JWT
package com.lrm;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTCreator;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;
import jdk.internal.dynalink.beans.StaticClass;
import java.util.Calendar;
import java.util.HashMap;
import java.util.Map;
import java.util.Stack;
public class JWTUtils {
private static final String SING = "ldjfklajsfjas";
public static void main(String[] args) {
HashMap<String, String> hashMap = new HashMap<>();
hashMap.put("username","hyf");
String token = JWTUtils.getToken(hashMap);
JWTUtils.verify(token);
System.out.println(JWTUtils.getTokenInfo(token).getToken());
}
/**
* 生成Token header.payload.sign
*/
public static String getToken(Map<String, String> map) {
Calendar instance = Calendar.getInstance();
instance.add(Calendar.DATE, 7); //默认7天过期
//创建jwt builder
JWTCreator.Builder builder = JWT.create();
//payload
map.forEach((k,v)->{
builder.withClaim(k,v);
});
String token = builder.withExpiresAt(instance.getTime())
.sign(Algorithm.HMAC256(SING));
return token;
}
/**
* 验证token的合法性
*/
public static void verify(String token){
JWT.require(Algorithm.HMAC256(SING)).build().verify(token); //这一行代码就可以起到验证的作用,因为在验证不匹配时它自动会抛出异常
}
/**
* 获取token的信息方法
*/
public static DecodedJWT getTokenInfo(String token){
DecodedJWT verify = JWT.require(Algorithm.HMAC256(SING)).build().verify(token);
return verify;
}
}
单体项目在拦截器中做Token鉴权
分布式项目在网关中做Token鉴权
token生成放redis里