引入依赖
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.4.0</version>
</dependency>
获取token
void test1() {
Map<String, Object> map = new HashMap<>();
Calendar instance = Calendar.getInstance();
instance.add(Calendar.SECOND, 2000);
String token = JWT.create()
.withHeader(map) //header,可以不需要有默认的
.withClaim("userId", 99)//payload,可以多个
.withClaim("username", "xpt")//payload
.withExpiresAt(instance.getTime())//指定令牌的过期时间
.sign(Algorithm.HMAC256("jsh#@JSH.z")) //签名
;
System.out.println(token);
}
验证token
/**
* 令牌验证:根据令牌和签名解析数据
* 常见异常:
* SignatureVerificationException 签名不一致异常
* TokenExpiredException 令牌过期异常
* AlgorithmMismatchException 算法不匹配异常
* InvalidClaimException 失效的payload异常
*/
void test2() {
String token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2MTg4MzQ5NjksInVzZXJJZCI6OTksInVzZXJuYW1lIjoieHB0In0.TWGVQZZP4t3iB2G3PIHIUt1NFWQ80LVBc1cYNWI42aM";
JWTVerifier jwtVerifier = JWT.require(Algorithm.HMAC256("jsh#@JSH.z")).build();
DecodedJWT decodedJWT = jwtVerifier.verify(token);
System.out.println("用户Id:" + decodedJWT.getClaim("userId").asInt());
System.out.println("用户名:" + decodedJWT.getClaim("username"));
System.out.println("过期时间:" + decodedJWT.getExpiresAt());
}
封装成工具类
public class JWTUtils {
private static String TOKEN = "token!Q@W3e4r";
/**
* 生成token
* @param map //传入payload
* @return 返回token
*/
public static String getToken(Map<String,Object> map){
JWTCreator.Builder builder = JWT.create();
map.forEach((k,v)->{
builder.withClaim(k,v);
});
Calendar instance = Calendar.getInstance();
instance.add(Calendar.SECOND,7);
builder.withExpiresAt(instance.getTime());
return builder.sign(Algorithm.HMAC256(TOKEN));
}
/**
* 验证token
* @param token
* @return
*/
public static void verify(String token){
JWT.require(Algorithm.HMAC256(TOKEN)).build().verify(token); // 如果验证通过,则不会把报错,否则会报错
}
/**
* 获取token中payload
* @param token
* @return
*/
public static DecodedJWT getToken(String token){
return JWT.require(Algorithm.HMAC256(TOKEN)).build().verify(token);
}
}
