项目中用到了JWT作为验证方式,故在此记录下JWT生成和解析的方式
前提,导入jar
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.18.2</version>
</dependency>
生成token
/**
* 加密生成token
* @param key 服务器key
* @param secret 服务器secret
* @return
*/
private static void createToken(String key, String secret) {
//私钥和加密算法
Algorithm algorithm = Algorithm.HMAC256(secret);
//设置头部信息
Map<String, Object> header = new HashMap<>(4);
header.put("typ", "JWT");
header.put("alg", "HS256");
Map<String, Object> payload = new HashMap<>(4);
payload.put("iss", key);
payload.put("exp", System.currentTimeMillis() + 3600*1000);
//需要用到的信息根据实际情况而定
String token = JWT.create()
.withHeader(header)
.withPayload(payload)
.sign(algorithm);
System.out.println(token);
}
解析验证token
/**
* 解析验证token
* @param token 加密后的token字符串
* @param secret 服务器私钥
* @return
*/
private static Boolean verifyToken(String token ,String secret) {
try {
Algorithm algorithm = Algorithm.HMAC256(secret);
JWTVerifier verifier = JWT.require(algorithm).build();
DecodedJWT jwt = verifier.verify(token);
return true;
} catch (IllegalArgumentException e) {
e.printStackTrace();
} catch (JWTVerificationException e) {
e.printStackTrace();
System.out.println("校验失败");
}
return false;
}