基本概念
三种实现方案
Session 共享
Oauth 2.0 实现
JWT 实现单点登录
Spring Boot 实现 JWT
1.引入依赖
<!-- 引入JWT -->
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.10.3</version>
</dependency>
2.编写工具类
public class JwtUtils {
private static String SECRET = "code-duck-*%#@*!&";
public static String generateToken(Map<String, String> map) {
JWTCreator.Builder builder = JWT.create();
map.forEach((k, v) -> {
builder.withClaim(k, v);
});
Calendar installCalendar = Calendar.getInstance();
installCalendar.add(Calendar.SECOND, 60);
builder.withExpiresAt(installCalendar.getTime());
return builder.sign(Algorithm.HMAC256(SECRET));
}
public static void verify(String token) {
JWT.require(Algorithm.HMAC256(SECRET)).build().verify(token);
}
public static DecodedJWT getTokenInfo(String token) {
return JWT.require(Algorithm.HMAC256(SECRET)).build().verify(token);
}
}
3.获取 token
@RestController
@RequestMapping("/user")
public class UserController {
@PostMapping("/login")
public Map<String, String> login() {
HashMap<String, String> result = new HashMap<>();
HashMap<String, String> map = new HashMap<>();
map.put("user", "用户信息");
String token = JwtUtils.generateToken(map);
result.put("token", token);
return result;
}
@PostMapping("/test")
public void test() {
System.out.println("测试方法");
}
}
4.编写过滤器
public class JwtFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
String token = ((HttpServletRequest) request).getHeader("token");
HashMap<String, String> map = new HashMap<>();
try {
JwtUtils.verify(token);
chain.doFilter(request, response);
} catch (SignatureVerificationException e) {
e.printStackTrace();
map.put("msg", "无效签名!");
} catch (TokenExpiredException e) {
e.printStackTrace();
map.put("msg", "token过期!");
} catch (AlgorithmMismatchException e) {
e.printStackTrace();
map.put("msg", "token算法不一致!");
} catch (Exception e) {
e.printStackTrace();
map.put("msg", "token无效!!");
}
response.setContentType("application/json;charset=UTF-8");
response.getWriter().println(map);
}
@Override
public void destroy() {
}
}
5.注册过滤器
@Configuration
public class FilterConfiguration {
private String skipUrlPattern = "";
@Bean
public FilterRegistrationBean filterRegistration() {
FilterRegistrationBean registration = new FilterRegistrationBean();
registration.setFilter(new JwtFilter());
registration.addInitParameter("skipUrlPattern", skipUrlPattern);
registration.addUrlPatterns("/*");
return registration;
}
}