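/**
 * Issues, parses, validates and refreshes HS512-signed JWTs.
 *
 * <p>The signing secret, the token lifetime (seconds) and the token prefix are read from
 * {@link BaseCoreProperties}. Every parsing entry point fails closed: a token that is missing,
 * malformed, wrongly signed or rejected by the parser yields {@code null} / {@code false}
 * instead of an exception.
 *
 * <p>NOTE(review): {@code getTokenPrefix()} is used as an HTTP header <em>name</em> when reading
 * the token from a request, but as a leading string to strip in {@link #refreshHeadToken(String)}.
 * Confirm which of the two meanings the configuration value really has.
 */
@Slf4j
@Component
public class JwtTokenUtil {

    @Resource
    private BaseCoreProperties baseCoreProperties;

    private static final String CLAIM_KEY_USERNAME = "sub";
    private static final String CLAIM_KEY_CREATED = "created";
    private static final String SCHOOL_ID = "school_id";
    private static final String USER_ID = "user_id";

    /** A token refreshed less than this many seconds ago is handed back unchanged. */
    private static final int REFRESH_QUIET_PERIOD_SECONDS = 30 * 60;

    /**
     * Builds and signs a compact JWT from the given claims.
     *
     * @param claims payload to embed; the expiration is always overwritten with a fresh one
     * @return the compact, signed token
     */
    private String generateToken(Map<String, Object> claims) {
        // NOTE(review): this signWith overload takes the secret as a String; confirm the
        // configured value has the encoding and length the jjwt version in use expects for HS512.
        return Jwts.builder()
                .setClaims(claims)
                .setExpiration(generateExpirationDate())
                .signWith(SignatureAlgorithm.HS512, baseCoreProperties.getJwt().getSecret())
                .compact();
    }

    /**
     * Reads the school id from the token carried by the request.
     *
     * @param request incoming HTTP request
     * @return the {@code school_id} claim, or {@code null} when the token is absent or invalid
     */
    public Long getSchoolId(HttpServletRequest request) {
        return readLongClaim(getClaimsFromToken(request), SCHOOL_ID);
    }

    /**
     * Reads the user id from the token carried by the request.
     *
     * @param request incoming HTTP request
     * @return the {@code user_id} claim, or {@code null} when the token is absent or invalid
     */
    public Long getUserId(HttpServletRequest request) {
        return readLongClaim(getClaimsFromToken(request), USER_ID);
    }

    /**
     * Returns every claim of the token carried by the request.
     *
     * @param request incoming HTTP request
     * @return the verified claims, or {@code null} when the token is absent or invalid
     */
    public Map<String, Object> getUserDetailFromToken(HttpServletRequest request) {
        return getClaimsFromToken(request);
    }

    /**
     * Extracts a numeric claim as a {@code Long}.
     *
     * <p>Depending on the jjwt/JSON library version, a small number may come back as an
     * {@code Integer}, which {@code get(name, Long.class)} can reject; that case is widened here.
     * Any other type still goes through the typed getter, so its behaviour is unchanged.
     */
    private static Long readLongClaim(Claims claims, String name) {
        if (claims == null) {
            return null;
        }
        Object raw = claims.get(name);
        if (raw == null) {
            return null;
        }
        if (raw instanceof Long) {
            return (Long) raw;
        }
        if (raw instanceof Integer) {
            return ((Integer) raw).longValue();
        }
        return claims.get(name, Long.class);
    }

    /**
     * Parses the token found in the request header named by the configured token prefix.
     *
     * @param request incoming HTTP request
     * @return the verified claims, or {@code null} when verification fails
     */
    private Claims getClaimsFromToken(HttpServletRequest request) {
        return getClaimsFromToken(request.getHeader(baseCoreProperties.getJwt().getTokenPrefix()));
    }

    /**
     * Verifies the signature of a compact JWT and returns its payload.
     *
     * @param token compact JWT, without any prefix
     * @return the verified claims, or {@code null} when parsing or verification fails
     */
    private Claims getClaimsFromToken(String token) {
        try {
            return Jwts.parser()
                    .setSigningKey(baseCoreProperties.getJwt().getSecret())
                    .parseClaimsJws(token)
                    .getBody();
        } catch (Exception e) {
            // Log only the failure type. The raw token is a bearer credential and a rejected
            // one may still be valid elsewhere, so it must never be written to the log.
            log.info("JWT格式验证失败:{}", e.getClass().getSimpleName());
            return null;
        }
    }

    /**
     * Computes the expiration instant for a token issued now.
     *
     * @return now plus the configured lifetime in seconds
     */
    private Date generateExpirationDate() {
        // 1000L forces long arithmetic so a large lifetime in seconds cannot overflow an int.
        return new Date(System.currentTimeMillis() + baseCoreProperties.getJwt().getExpiration() * 1000L);
    }

    /**
     * Returns the login name ({@code sub}) stored in the token.
     *
     * @param token compact JWT
     * @return the subject, or {@code null} when the token cannot be verified
     */
    public String getUserNameFromToken(String token) {
        try {
            Claims claims = getClaimsFromToken(token);
            return claims == null ? null : claims.getSubject();
        } catch (RuntimeException e) {
            // This method has always returned null rather than throwing; keep that contract.
            return null;
        }
    }

    /**
     * Checks that the token is verifiable, unexpired and issued for the given account.
     *
     * @param token       token supplied by the client
     * @param userAccount account name loaded from the database
     * @return {@code true} only when the signature verifies, the subject matches and the token
     *         has not expired; {@code false} for any invalid token
     */
    public boolean validateToken(String token, String userAccount) {
        Claims claims = getClaimsFromToken(token);
        if (claims == null) {
            // Previously an invalid or expired token ended in a NullPointerException here.
            return false;
        }
        String username = claims.getSubject();
        return username != null && username.equals(userAccount) && !isExpired(claims);
    }

    /**
     * Tells whether verified claims are past their expiration.
     * A token without an expiration is treated as expired (fail closed).
     */
    private boolean isExpired(Claims claims) {
        Date expiresAt = claims.getExpiration();
        return expiresAt == null || expiresAt.before(new Date());
    }

    /**
     * Returns the expiration instant stored in the token.
     *
     * @param token compact JWT
     * @return the expiration, or {@code null} when the token cannot be verified
     */
    public Date getExpiredDateFromToken(String token) {
        Claims claims = getClaimsFromToken(token);
        return claims == null ? null : claims.getExpiration();
    }

    /**
     * Issues a token carrying only the account name.
     *
     * @param userAccount account name stored as the subject
     * @return the compact, signed token
     */
    public String generateToken(String userAccount) {
        Map<String, Object> claims = new HashMap<>();
        claims.put(CLAIM_KEY_USERNAME, userAccount);
        claims.put(CLAIM_KEY_CREATED, new Date());
        return generateToken(claims);
    }

    /**
     * Issues a token carrying the account name, user id and school id.
     *
     * @param userAccount account name stored as the subject
     * @param userId      value of the {@code user_id} claim
     * @param schoolId    value of the {@code school_id} claim
     * @return the compact, signed token
     */
    public String generateToken(String userAccount, Long userId, Long schoolId) {
        Map<String, Object> claims = new HashMap<>();
        claims.put(CLAIM_KEY_USERNAME, userAccount);
        claims.put(CLAIM_KEY_CREATED, new Date());
        claims.put(SCHOOL_ID, schoolId);
        claims.put(USER_ID, userId);
        return generateToken(claims);
    }

    /**
     * Refreshes a token that is still valid.
     *
     * <p>NOTE(review): nothing visible here caps how many times a token can be refreshed, so a
     * leaked token can be kept alive for as long as it is refreshed before it expires. Confirm
     * that an absolute session lifetime or revocation is enforced elsewhere.
     *
     * @param oldToken token including the configured prefix
     * @return the same token when it was refreshed within the last 30 minutes, a newly signed
     *         token otherwise, or {@code null} when the input is empty, too short, invalid or expired
     */
    public String refreshHeadToken(String oldToken) {
        if (StrUtil.isEmpty(oldToken)) {
            return null;
        }
        int prefixLength = baseCoreProperties.getJwt().getTokenPrefix().length();
        // An input shorter than the prefix used to make substring() throw; reject it instead.
        if (oldToken.length() <= prefixLength) {
            return null;
        }
        String token = oldToken.substring(prefixLength);

        // Parse once and reuse the verified claims for every later check.
        Claims claims = getClaimsFromToken(token);
        if (claims == null || isExpired(claims)) {
            return null;
        }
        if (refreshedWithin(claims, REFRESH_QUIET_PERIOD_SECONDS)) {
            return token;
        }
        claims.put(CLAIM_KEY_CREATED, new Date());
        return generateToken(claims);
    }

    /**
     * Tells whether the token was created within the last {@code seconds} seconds.
     *
     * @param claims  verified claims of the token
     * @param seconds length of the window, in seconds
     * @return {@code true} when now lies strictly between the creation time and the end of the
     *         window; {@code false} when the {@code created} claim is missing
     */
    private boolean refreshedWithin(Claims claims, int seconds) {
        Date created = claims.get(CLAIM_KEY_CREATED, Date.class);
        if (created == null) {
            return false;
        }
        long now = System.currentTimeMillis();
        long createdAt = created.getTime();
        return now > createdAt && now < createdAt + seconds * 1000L;
    }
}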
jwtTokenUtil