一.引入jjwt-api依赖
属性! -构建时编码----project.build.sourceencodingutf-8/project.build.source encoding! -输出时编码--- project.reporting.outputencodingutf-8/project.reporting.output encoding! -- JDK版本--- Java.version 1.8/Java.version jjwt.version0. 11.2/jjwt.version/propertiesdependencygroupidide version/dependencydependencygroupidio.jsonwebtoken/groupidartifactidjwt-impl versionscoperuntime/scope/dependencyden
import java.text.ParseException; import java.util.Date; import java.util.HashMap; import java.util.Map; import java.util.UUID; importorg.Apache.com mons.lang3. string utils; import org.apache.log4j.Logger; importorg.spring framework.beans.factory.annotation.auto wired; importorg.spring framework.beans.factory.annotation.value; importorg.spring framework.stereotype.com ponent; import com.lqy.study.exception.run exception; import com.lqy.study.utils.dateutils; import cn.Hu tool.core.bean.bean util; import cn.hutool.json.JSONUtil; import io.jsonwebtoken.Claims; import io.jsonwebtoken.expiredjwtexception; import io.jsonwebtoken.Jws; import io.jsonwebtoken.jwt exception; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.malformedjwtexception; import io.jsonwebtoken.missingclaimexception; import io.jsonwebtoken.signature algorithm; import io.jsonwebtoken.signature exception; import io.jsonwebtoken.io.decoders; @ componentpublicclassjwtutils { privatestaticloggerlog=logger.getlogger (jwt utils.class ); 私有状态字符串安全密钥; private static String aa; //静态变量注入测试/** *静态变量注入*从配置文件中注入key以读取jjwt.key属性。 set方法不能是static * @ param secret key */@ value (“$ { jjwt.key }”)公共void
String secretKey) { JwtUtils.secretKey = secretKey; }./*欢迎加入java交流Q君样:909038429一起吹水聊天 /** * 静态实体变量注入 * jjwtProperties需要配置:@ConfigurationProperties(prefix = "jjwt", ignoreUnknownFields = true) * @param jjwtProperties */ @Autowired public void setSecretKey(JjwtProperties jjwtProperties) { JwtUtils.aa = jjwtProperties.getKey(); } private static String KEY_CLAIMS = "key_claims"; private static String SUBJECT = "key_subject"; private JwtUtils(){ } /** * 生成token * @return * @throws ParseException */ public static String getToken() throws ParseException { //Key key = Keys.secretKeyFor(SignatureAlgorithm.HS256); log.info("aa===" + aa); Date now = new Date(); Date expirationDate = DateUtils.addMinute(null, 2);//增加2分钟的过期时间,用于测试 log.info("now===" + DateUtils.formatDateTime(now)); log.info("expirationDate===" + DateUtils.formatDateTime(expirationDate)); Map<String, Object> claims = new HashMap<String, Object>(); User user = new User(); user.setId(1000L); user.setName("孤独的老虎"); claims.put(KEY_CLAIMS, user); String token = Jwts.builder() .setClaims(claims)//必须放最前面,不然后面设置的东西都会没有:如setExpiration会没有时间 .setId(UUID.randomUUID().toString()) .setSubject(SUBJECT) .setIssuedAt(now) .setExpiration(expirationDate)//过期时间 .signWith(SignatureAlgorithm.HS256, getSecretKey()) .compact(); log.info("token===" + token); return token; } /** * 解析token,并返回User对象 * @param token * @return * @throws ParseException */ public static User parseToken(String token) throws ParseException { String msg = null; try { Jws<Claims> jws = Jwts.parser() .setSigningKey(getSecretKey()) .requireSubject(SUBJECT)//校验必须有这个属性,可以省略这步 .parseClaimsJws(token); Claims claims = jws.getBody();//Claims是一个Map log.info("claims===" + JSONUtil.toJsonStr(claims)); log.info("claims.getIssuedAt()===" + claims.getIssuedAt()); log.info("claims.getExpiration()===" + claims.getExpiration()); //map转实体 User user = BeanUtil.toBean(claims.get(KEY_CLAIMS), User.class); log.info("user===" + JSONUtil.toJsonStr(user)); return user; }catch (SignatureException se) { msg = "密钥错误"; log.error(msg, se); throw new RunException(msg); }catch (MalformedJwtException me) { msg = "密钥算法或者密钥转换错误"; log.error(msg, me); throw new RunException(msg); }catch (MissingClaimException mce) { msg = "密钥缺少校验数据"; log.error(msg, mce); throw new RunException(msg); }catch (ExpiredJwtException mce) { msg = "密钥已过期"; log.error(msg, mce); throw new RunException(msg); }catch (JwtException jwte) { msg = "密钥解析错误"; log.error(msg, jwte); throw new RunException(msg); } } /** * 获取自定义密钥 * @return */ private static byte[] getSecretKey() { //log.info("secretKey = " + secretKey); if(StringUtils.isBlank(secretKey)) { throw new RunException("jjwt配置的密钥不能为空"); } return Decoders.BASE64.decode(secretKey); } public static void main(String[] args) throws Exception { getToken(); } }User类:
public class User { private Long id; private String name; public Long getId() { return id; } public void setId(Long id) { this.id = id; } public String getName() { return name; } public void setName(String name) { this.name = name; } @Override public String toString() { return "User [id=" + id + ", name=" + name + "]"; }}./*欢迎加入java交流Q君样:909038429一起吹水聊天三、科普springboot静态变量注入的方式
1、静态变量secretKey通过配置文件application.properties的属性注入,并使用base64编码,取出来的时候,需要解码(配置文件的属性也可以不编码,直接取出来)
jjwt.key=aXNsZWVfaGFoYQ==注入方式:方法加注解@Value("${jjwt.key}"),变量作为参数
/** * 静态变量注入 * 从配置文件读取jjwt.key属性 * 注入key,set方法不能是static * @param secretKey */@Value("${jjwt.key}")public void setSecretKey(String secretKey) { JwtUtils.secretKey = secretKey;}2、静态实体变量 jjwtProperties 注入,同样通过通过配置文件application.properties的属性注入,但可以直接配置多个属性(仅用于学习,可忽略):
import org.springframework.boot.context.properties.ConfigurationProperties;import org.springframework.stereotype.Component;@Component@ConfigurationProperties(prefix = "jjwt", ignoreUnknownFields = true)public class JjwtProperties { private String key; public String getKey() { return key; } public void setKey(String key) { this.key = key; }}注入的方式:方法加上@Autowired注解,实体作为参数
/** * 静态实体变量注入 * jjwtProperties需要配置:@ConfigurationProperties(prefix = "jjwt", ignoreUnknownFields = true) * @param jjwtProperties */@Autowiredpublic void setSecretKey(JjwtProperties jjwtProperties) { JwtUtils.aa = jjwtProperties.getKey();}
最新2020整理收集的一些高频面试题(都整理成文档),有很多干货,包含mysql,netty,spring,线程,spring cloud、jvm、源码、算法等详细讲解,也有详细的学习规划图,面试题整理等,需要获取这些内容的朋友请加Q君样:909038429
/./*欢迎加入java交流Q君样:909038429一起吹水聊天