1.简单的tokenutils工具类:(开始写博客了)
package com.macro.mall.security.service.impl;
import cn.hutool.core.date.DateUtil;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.util.StringUtils;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
public class TokenTest {
private static final Logger LOGGER = LoggerFactory.getLogger(TokenTest.class);
private String username = “sub”;
private String time = “create”;
@Value("
j
w
t
.
s
e
c
r
e
t
"
)
p
r
i
v
a
t
e
S
t
r
i
n
g
s
e
c
r
e
t
;
@
V
a
l
u
e
(
"
{jwt.secret}") private String secret; @Value("
jwt.secret")privateStringsecret;@Value("{jwt.expiration}")
private Long expiration;
@Value("${jwt.tokenHead}")
private String tokenHead;
/*生成token 加密 设置时间*/
public String generatorToken(Map<String,Object> clamis) {
return Jwts.builder()
.setClaims(clamis)
.setExpiration(generatorFromExpireToken())
.signWith(SignatureAlgorithm.ES512, secret)
.compact();
}
/*获取token*/
private Claims getClaimsFromToken(String token) {
Claims claims = null;
try {
claims = Jwts.parser()
.setSigningKey(secret)
.parseClaimsJws(token)
.getBody();
} catch (Exception e) {
LOGGER.info("JWT格式验证失败:{}", token);
}
return claims;
}
/*生成过期时间*/
private Date generatorFromExpireToken() {
return new Date(System.currentTimeMillis() + expiration * 1000);
}
/*获取用户名从token中*/
public String getusernameFromToken(String token) {
String username;
try {
Claims claims = getClaimsFromToken(token);
username = claims.getSubject();
} catch (Exception e) {
username = null;
}
return username;
}
/判断是否同一个username与数据库/
public boolean validateToken(string token,Userdetails userdetails){
String username = getusernameFromToken(token);
return username.equals(userDetails.getUsername()) && !isTokenExpire();
}
/*是否过期*/
public boolean isTokenExpire(){
Date date = generatorFromExpireToken();
return date.before(new Date());
}
/*根据用户生成token*/
public String generatorToken(UserDetails userDetails){
Map<String,Object> clamis = new HashMap<>();
clamis.put(username,userDetails.getUsername());
clamis.put(time,new Date());
return generatorToken(clamis);
}
/token刷新/
private String refreshToken(String oldToken) {
if (StringUtils.isEmpty(oldToken)) {
return null;
}
String token = oldToken.substring(tokenHead.length());
if (StringUtils.isEmpty(token)) {
return null;
}
Claims claimsFromToken = getClaimsFromToken(token);
if (claimsFromToken == null) {
return null;
}
if (isTokenExpire()) {
return null;
}
//30分钟之内刷新
if (tokenRefreshJustBefore(token, 30 * 60)) {
return token;
} else {
claimsFromToken.put(time, new Date());
return generatorToken(claimsFromToken);
}
}
private boolean tokenRefreshJustBefore(String token, int i) {
Claims claimsFromToken = getClaimsFromToken(token);
Date date = claimsFromToken.get(time, Date.class);
Date freshTime = new Date();
if(freshTime.after(date) && freshTime.before(DateUtil.offsetSecond(date,i))){
return true;
}
return false;
}
}