zsx.git - Gitblit

懒羊羊

2023-09-19 3d2401cf8ea9ae3d830c0568e7751e2e8cc8db22

提交 \| 用户 \| 时间
1ac2bc	1	/**
懒	2	* Copyright 2018-2020 stylefeng & fengshuonan (sn93@qq.com)
	3	* <p>
	4	* Licensed under the Apache License, Version 2.0 (the "License");
	5	* you may not use this file except in compliance with the License.
	6	* You may obtain a copy of the License at
	7	* <p>
	8	* http://www.apache.org/licenses/LICENSE-2.0
	9	* <p>
	10	* Unless required by applicable law or agreed to in writing, software
	11	* distributed under the License is distributed on an "AS IS" BASIS,
	12	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	13	* See the License for the specific language governing permissions and
	14	* limitations under the License.
	15	*/
	16	package cn.stylefeng.guns.base.auth.jwt;
	17
	18	import cn.stylefeng.guns.base.auth.jwt.payload.JwtPayLoad;
	19	import cn.stylefeng.guns.base.consts.ConstantsContext;
	20	import cn.stylefeng.roses.core.util.ToolUtil;
	21	import io.jsonwebtoken.*;
	22
	23	import java.util.Date;
	24	import java.util.Map;
	25
	26	/**
	27	* <p>jwt token工具类</p>
	28	* <pre>
	29	* jwt的claim里一般包含以下几种数据:
	30	* 1. iss -- token的发行者
	31	* 2. sub -- 该JWT所面向的用户
	32	* 3. aud -- 接收该JWT的一方
	33	* 4. exp -- token的失效时间
	34	* 5. nbf -- 在此时间段之前,不会被处理
	35	* 6. iat -- jwt发布时间
	36	* 7. jti -- jwt唯一标识,防止重复使用
	37	* </pre>
	38	*
	39	* @author fengshuonan
	40	* @Date 2017/8/25 10:59
	41	*/
	42	public class JwtTokenUtil {
	43
	44	/**
	45	* 生成token,根据userId和默认过期时间
	46	*/
	47	public static String generateToken(JwtPayLoad jwtPayLoad) {
	48	Long expiredSeconds = getExpireSeconds();
	49	final Date expirationDate = new Date(System.currentTimeMillis() + expiredSeconds * 1000);
	50	return generateToken(String.valueOf(jwtPayLoad.getUserId()), expirationDate, jwtPayLoad.toMap());
	51	}
	52
	53	/**
	54	* 获取jwt的payload部分
	55	*/
	56	public static JwtPayLoad getJwtPayLoad(String token) {
	57	Claims claimFromToken = getClaimFromToken(token);
	58	return JwtPayLoad.toBean(claimFromToken);
	59	}
	60
	61	/**
	62	* 解析token是否正确(true-正确, false-错误)
	63	*/
	64	public static Boolean checkToken(String token) {
	65	try {
	66	String jwtSecret = getJwtSecret();
	67	Jwts.parser().setSigningKey(jwtSecret).parseClaimsJws(token).getBody();
	68	return true;
	69	} catch (JwtException e) {
	70	return false;
	71	}
	72	}
	73
	74	/**
	75	* 验证token是否失效
	76	*/
	77	public static Boolean isTokenExpired(String token) {
	78	try {
	79	final Date expiration = getExpirationDateFromToken(token);
	80	return expiration.before(new Date());
	81	} catch (ExpiredJwtException expiredJwtException) {
	82	return true;
	83	}
	84	}
	85
	86	/**
	87	* 获取jwt失效时间
	88	*/
	89	public static Date getExpirationDateFromToken(String token) {
	90	return getClaimFromToken(token).getExpiration();
	91	}
	92
	93	/**
	94	* 生成token,根据userId和过期时间
	95	*/
	96	public static String generateToken(String userId, Date exppiredDate, Map<String, Object> claims) {
	97
	98	final Date createdDate = new Date();
	99	String secret = getJwtSecret();
	100
	101	if (claims == null) {
	102	return Jwts.builder()
	103	.setSubject(userId)
	104	.setIssuedAt(createdDate)
	105	.setExpiration(exppiredDate)
	106	.signWith(SignatureAlgorithm.HS512, secret)
	107	.compact();
	108	} else {
	109	return Jwts.builder()
	110	.setClaims(claims)
	111	.setSubject(userId)
	112	.setIssuedAt(createdDate)
	113	.setExpiration(exppiredDate)
	114	.signWith(SignatureAlgorithm.HS512, secret)
	115	.compact();
	116	}
	117	}
	118
	119	/**
	120	* 获取jwt的payload部分
	121	*/
	122	public static Claims getClaimFromToken(String token) {
	123
	124	if (ToolUtil.isEmpty(token)) {
	125	throw new IllegalArgumentException("token参数为空！");
	126	}
	127
	128	String jwtSecret = getJwtSecret();
	129	return Jwts.parser()
	130	.setSigningKey(jwtSecret)
	131	.parseClaimsJws(token)
	132	.getBody();
	133	}
	134
	135	private static String getJwtSecret() {
	136	return ConstantsContext.getJwtSecret();
	137	}
	138
	139	private static Long getExpireSeconds() {
	140	return ConstantsContext.getJwtSecretExpireSec();
	141	}
	142	}