首先引入spring-security-jwt:
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-jwt</artifactId>
<version>1.0.7.RELEASE</version>
</dependency>
要注意的是org.springframework.security.jwt.crypto.sign.Signer接口,这个是签名方式,有两种实现:MacSigner和RsaSigner(我用的是RsaSigner,有公钥和私钥;私钥用来签名,公钥用来验签):
package com.huhu.web.util;
import com.alibaba.fastjson.JSONObject;
import org.mapu.common.exception.ResultInfoException;
import org.springframework.security.jwt.Jwt;
import org.springframework.security.jwt.JwtHelper;
import org.springframework.security.jwt.codec.Codecs;
import org.springframework.security.jwt.crypto.sign.RsaSigner;
import org.springframework.security.jwt.crypto.sign.RsaVerifier;
import java.util.Map;
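/**
 * JWT helper built on spring-security-jwt: signs claims with an RSA private key and verifies
 * tokens with the matching public key.
 *
 * <p>Tokens produced here are signed, not encrypted. The header and claims are only
 * Base64URL-encoded, so anyone holding a token can read them; keep secrets out of the claims.
 *
 * <p>Created by yfx on 2017-05-26 0026.
 */
public class JwtUtils {

    /**
     * PEM-encoded RSA private key of jzq.sso (placeholder text, replace with a real key).
     *
     * <p>NOTE(review): a private key embedded in source ends up in version control and in every
     * build artifact. Load it from a protected key store or injected configuration instead, and
     * treat any key that was ever committed as compromised.
     */
    private static final String ssoAppPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\n" +
            "你的私钥" +
            "-----END RSA PRIVATE KEY-----\n";

    /**
     * PEM-encoded RSA public key of jzq.sso (placeholder text, replace with a real key).
     */
    private static final String ssoAppPublicKey = "-----BEGIN PUBLIC KEY-----\n" +
            "你的公钥" +
            "-----END PUBLIC KEY-----\n";

    /** Signs with the private key. Final so the key material cannot be swapped at runtime. */
    private static final RsaSigner signer = new RsaSigner(ssoAppPrivateKey);

    /** Verifies signatures with the public key. */
    private static final RsaVerifier verifier = new RsaVerifier(ssoAppPublicKey);

    /**
     * Signs the UTF-8 bytes of {@code data} with the private key.
     *
     * @param data text to sign
     * @return the raw signature bytes (a bare signature, not a JWT)
     */
    public byte[] enSign(String data) {
        return signer.sign(Codecs.utf8Encode(data));
    }

    /**
     * Builds a signed token whose claims are the JSON text of {@code json}.
     *
     * <p>The claims are signed, not encrypted; they remain readable by anyone holding the token.
     *
     * @param json claims to sign
     * @return the encoded token string
     */
    public static String encode(JSONObject json) {
        Jwt jwt = JwtHelper.encode(json.toJSONString(), signer);
        return jwt.getEncoded();
    }

    /**
     * Builds a signed token with extra header entries.
     *
     * <p>The header map of an existing token can be read back with {@code JwtHelper.headers}.
     * NOTE(review): the original comment showed {@code alg=HS256} in its sample header map; with
     * an {@link RsaSigner} the alg header is expected to be RS256 - confirm against a real token.
     * Header entries are readable and must not carry secrets.
     *
     * @param json    claims to sign
     * @param headers additional header entries to place in the token header
     * @return the encoded token string
     */
    public static String encode(JSONObject json, Map<String, String> headers) {
        Jwt jwt = JwtHelper.encode(json.toJSONString(), signer, headers);
        return jwt.getEncoded();
    }

    /**
     * Verifies the token's signature with the public key and returns its claims.
     *
     * <p>Nothing in this method checks expiry, issuer or audience; it only verifies the signature
     * and parses the claims. Callers that rely on claims such as {@code exp} must validate them
     * on the returned object.
     *
     * @param token encoded token received from the client
     * @return the claims parsed as JSON
     * @throws ResultInfoException if the token is malformed, the signature does not verify, or
     *                             the claims cannot be parsed
     */
    public static JSONObject decode(String token) {
        try {
            Jwt jwt = JwtHelper.decodeAndVerify(token, verifier);
            return JSONObject.parseObject(jwt.getClaims());
        } catch (RuntimeException e) {
            // A single generic error avoids telling the client why verification failed.
            // NOTE(review): the cause is dropped here; log it server-side, or pass it along if
            // ResultInfoException offers a constructor that accepts a cause.
            throw new ResultInfoException("jwtError", "校验失败");
        }
    }

    /**
     * Demo: signs a small claim set, prints the token, then verifies it and prints the claims.
     */
    public static void main(String[] args) {
        JSONObject json = new JSONObject();
        json.put("hehe", "https://my.oschina.net/yifanxiang");
        String token = JwtUtils.encode(json);
        System.out.println(token);
        // JwtHelper.headers(token) returns the header map if the alg/typ values need inspecting.
        // Decode the token just issued: a placeholder literal can never pass verification.
        JSONObject info = JwtUtils.decode(token);
        System.out.println(info);
    }
}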
至于公钥私钥生成,可以用支付宝api的那个生成工具(百度:secret_key_tools_RSA_win);
生成的token怎么存放:可以放在cookie里,也可以放在localStorage里,看应用实际情况。要注意,放在localStorage里的token能被页面上的任何脚本读取,一旦出现XSS就会泄露;放在cookie里时建议加上HttpOnly和Secure属性,并另外做好CSRF防护。