SpringBoot集成JWT
點擊上方藍(lán)色字體,選擇“標(biāo)星公眾號”
優(yōu)質(zhì)文章,第一時間送達
? 作者?|??Bruce.Chang.Lee
來源 |? urlify.cn/aeiQvq
1、什么是JWT?
關(guān)于JWT的詳細(xì)介紹,請參考JSON Web Token 入門教程
2、Spring Boot集成JWT
2.1、pom.xml?文件中引入相關(guān)依賴包
??
????com.cnblogs.javalouvre
????spring-boot-tutorial
????1.0.0
??
??
????
??????org.apache.commons
??????commons-lang3
????
????
??????org.springframework.boot
??????spring-boot-starter-web
????
????
??????io.jsonwebtoken
??????jjwt
??????0.9.1
????
??
2.2、aplication.yml?配置JWT相關(guān)參數(shù)
#?token配置
token:
????#?令牌自定義標(biāo)識
????header:?Authorization
????#?令牌密鑰(自定義)
????secret:?6F3931D35F0395DF82B032B8019AC57D
????#?令牌有效期(默認(rèn)30分鐘)
????expireTime:?30
2.3、TokenService.java?設(shè)置Token生成與解析
package?com.cnblogs.javalouvre.service;
import?java.util.Calendar;
import?java.util.Date;
import?java.util.GregorianCalendar;
import?org.springframework.beans.factory.annotation.Value;
import?org.springframework.stereotype.Component;
import?io.jsonwebtoken.Claims;
import?io.jsonwebtoken.Jwts;
import?io.jsonwebtoken.SignatureAlgorithm;
@Component
public?class?TokenService?{
????/**
?????*?生成Token
?????*
?????*?@param?sub
?????*?@return
?????*/
????public?String?createToken(String?sub)?{
????????Calendar?calendar?=?GregorianCalendar.getInstance();
????????Date?iat?=?calendar.getTime();
????????calendar.add(GregorianCalendar.MINUTE,?amount);
????????Date?exp?=?calendar.getTime();
????????return?Jwts.builder()//
????????????????.setHeaderParam("typ",?"JWT")//?令牌類型
????????????????.setSubject(sub)//?主題
????????????????.setIssuedAt(iat)?//?簽發(fā)時間
????????????????.setExpiration(exp)//?過期時間
????????????????.signWith(SignatureAlgorithm.HS512,?secretKey)//?簽名算法、秘鑰
????????????????.compact();
????}
????/**
?????*?獲取Token中注冊信息
?????*
?????*?@param?token
?????*?@return
?????*/
????public?Claims?getBody(String?token)?{
????????return?Jwts.parser().setSigningKey(secretKey).parseClaimsJws(token).getBody();
????}
????/**
?????*?獲取簽發(fā)日期
?????*
?????*?@param?token
?????*?@return
?????*/
????public?Date?getIssuedAt(String?token)?{
????????return?getBody(token).getIssuedAt();
????}
????/**
?????*?獲取過期時間
?????*
?????*?@param?token
?????*?@return
?????*/
????public?Date?getExpiration(String?token)?{
????????return?getBody(token).getExpiration();
????}
????/**
?????*?獲取主題信息
?????*
?????*?@param?token
?????*?@return
?????*/
????public?String?getSubject(String?token)?{
????????return?getBody(token).getSubject();
????}
????//?令牌秘鑰
????@Value("${token.secret}")
????private?String?secretKey;
????//?令牌有效期(默認(rèn)30分鐘)
????@Value("${token.expireTime}")
????private?int????amount;
}
2.4、TokenHandlerInterceptor.java?定義攔截器
package?com.cnblogs.javalouvre.interceptor;
import?javax.servlet.http.HttpServletRequest;
import?javax.servlet.http.HttpServletResponse;
import?org.apache.commons.lang3.StringUtils;
import?org.springframework.beans.factory.annotation.Autowired;
import?org.springframework.beans.factory.annotation.Value;
import?org.springframework.stereotype.Component;
import?org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import?com.cnblogs.javalouvre.service.TokenService;
import?io.jsonwebtoken.SignatureException;
@Component
public?class?TokenHandlerInterceptor?extends?HandlerInterceptorAdapter?{
????@Override
????public?boolean?preHandle(HttpServletRequest?request,?HttpServletResponse?response,?Object?handler)
????????????throws?Exception?{
????????String?uri?=?request.getRequestURI();
????????if?(uri.contains("/login"))?{
????????????return?true;
????????}
????????String?token?=?request.getHeader(header);
????????if?(StringUtils.isBlank(token))?{
????????????throw?new?SignatureException(StringUtils.EMPTY);
????????}
????????tokenService.getBody(token);
????????return?true;
????}
????@Autowired
????private?TokenService?tokenService;
????//?令牌自定義標(biāo)識
????@Value("${token.header}")
????private?String???????header;
}
2.5、ResourceConfig.java?配置攔截器
package?com.cnblogs.javalouvre.config;
import?org.springframework.beans.factory.annotation.Autowired;
import?org.springframework.context.annotation.Configuration;
import?org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import?org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import?com.cnblogs.javalouvre.interceptor.TokenHandlerInterceptor;
@Configuration
public?class?ResourceConfig?implements?WebMvcConfigurer?{
????@Override
????public?void?addInterceptors(InterceptorRegistry?registry)?{
????????registry.addInterceptor(tokenHandlerInterceptor).addPathPatterns("/**");
????}
????@Autowired
????private?TokenHandlerInterceptor?tokenHandlerInterceptor;
}
2.6、IndexController.java?登錄入口
package?com.cnblogs.javalouvre.web;
import?static?org.springframework.http.MediaType.APPLICATION_JSON_VALUE;
import?org.springframework.beans.factory.annotation.Autowired;
import?org.springframework.web.bind.annotation.GetMapping;
import?org.springframework.web.bind.annotation.PostMapping;
import?org.springframework.web.bind.annotation.RequestHeader;
import?org.springframework.web.bind.annotation.RestController;
import?com.cnblogs.javalouvre.dto.AjaxResult;
import?com.cnblogs.javalouvre.service.TokenService;
@RestController
public?class?IndexController?{
????@PostMapping(path?=?"/login",?produces?=?APPLICATION_JSON_VALUE)
????public?AjaxResult?login(String?username,?String?password)?{
????????//?模擬數(shù)據(jù)庫操作
????????if?("admin".equals(username)?&&?"admin123".equals(password))?{
????????????return?AjaxResult.success("操作成功",?tokenService.createToken(username));
????????}
????????return?AjaxResult.error("賬號或密碼錯誤");
????}
????@GetMapping(path?=?"/index",?produces?=?APPLICATION_JSON_VALUE)
????public?AjaxResult?execute(@RequestHeader("Authorization")?String?token)?{
????????return?AjaxResult.success(tokenService.getSubject(token));
????}
????@Autowired
????private?TokenService?tokenService;
}
2.7、其他輔助類
2.7.1、GlobalExceptionHandler.java?全局異常處理
package?com.cnblogs.javalouvre.exception;
import?org.springframework.web.bind.annotation.ExceptionHandler;
import?org.springframework.web.bind.annotation.ResponseBody;
import?org.springframework.web.bind.annotation.RestControllerAdvice;
import?com.cnblogs.javalouvre.dto.AjaxResult;
import?io.jsonwebtoken.ExpiredJwtException;
import?io.jsonwebtoken.MalformedJwtException;
import?io.jsonwebtoken.SignatureException;
@RestControllerAdvice
public?class?GlobalExceptionHandler?{
????@ExceptionHandler(SignatureException.class)
????@ResponseBody
????public?AjaxResult?signatureException()?{
????????return?AjaxResult.error("Token為空");
????}
????@ResponseBody
????@ExceptionHandler(ExpiredJwtException.class)
????public?AjaxResult?expiredJwtException()?{
????????return?AjaxResult.error("Token過期");
????}
????@ResponseBody
????@ExceptionHandler(MalformedJwtException.class)
????public?AjaxResult?malformedJwtException()?{
????????return?AjaxResult.error("Token數(shù)據(jù)錯誤");
????}
}
2.7.2、HttpStatus.java?返回消息狀態(tài)定義
package?com.cnblogs.javalouvre.constants;
public?final?class?HttpStatus?{
????public?static?final?int?OK????????????????????=?200;
????public?static?final?int?INTERNAL_SERVER_ERROR?=?500;
????private?HttpStatus()?{
?????//?DO?NOTHING
????}
}
2.7.3、AjaxResult.java?返回消息定義
package?com.cnblogs.javalouvre.dto;
import?java.util.HashMap;
import?java.util.Objects;
import?com.cnblogs.javalouvre.constants.HttpStatus;
public?class?AjaxResult?extends?HashMap?{
????private?static?final?long???serialVersionUID?=?242180064461040653L;
????//?狀態(tài)碼
????private?static?final?String?CODE_TAG?????????=?"code";
????//?返回內(nèi)容
????private?static?final?String?MSG_TAG??????????=?"msg";
????//?數(shù)據(jù)對象
????private?static?final?String?DATA_TAG?????????=?"data";
????public?AjaxResult()?{
????????//?DO?NOTHING
????}
????public?AjaxResult(int?code,?String?msg)?{
????????super.put(CODE_TAG,?code);
????????super.put(MSG_TAG,?msg);
????}
????public?AjaxResult(int?code,?String?msg,?Object?data)?{
????????this(code,?msg);
????????if?(Objects.nonNull(data))?{
????????????super.put(DATA_TAG,?data);
????????}
????}
????public?static?AjaxResult?success()?{
????????return?AjaxResult.success("操作成功");
????}
????public?static?AjaxResult?success(Object?object)?{
????????return?AjaxResult.success("操作成功",?object);
????}
????public?static?AjaxResult?success(String?msg)?{
????????return?AjaxResult.success(msg,?null);
????}
????public?static?AjaxResult?success(String?msg,?Object?data)?{
????????return?new?AjaxResult(HttpStatus.OK,?msg,?data);
????}
????public?static?AjaxResult?error()?{
????????return?AjaxResult.success("操作失敗");
????}
????public?static?AjaxResult?error(Object?object)?{
????????return?AjaxResult.error("操作失敗",?object);
????}
????public?static?AjaxResult?error(String?msg)?{
????????return?AjaxResult.error(msg,?null);
????}
????public?static?AjaxResult?error(String?msg,?Object?data)?{
????????return?new?AjaxResult(HttpStatus.INTERNAL_SERVER_ERROR,?msg,?data);
????}
}
2.8、App.java?入口類
package?com.cnblogs.javalouvre;
import?org.springframework.boot.SpringApplication;
import?org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public?class?App?{
????public?static?void?main(String[]?args)?{
????????SpringApplication.run(App.class,?args);
????}
}
3、目錄結(jié)構(gòu)
│??pom.xml
│??????
└─src
????├─main
????│??├─java
????│??│??└─com
????│??│??????└─cnblogs
????│??│??????????└─javalouvre
????│??│??????????????│??App.java
????│??│??????????????│??
????│??│??????????????├─config
????│??│??????????????│??????ResourceConfig.java
????│??│??????????????│??????
????│??│??????????????├─constants
????│??│??????????????│??????HttpStatus.java
????│??│??????????????│??????
????│??│??????????????├─dto
????│??│??????????????│??????AjaxResult.java
????│??│??????????????│??????
????│??│??????????????├─exception
????│??│??????????????│??????GlobalExceptionHandler.java
????│??│??????????????│??????
????│??│??????????????├─interceptor
????│??│??????????????│??????TokenHandlerInterceptor.java
????│??│??????????????│??????
????│??│??????????????├─service
????│??│??????????????│??????TokenService.java
????│??│??????????????│??????
????│??│??????????????└─web
????│??│??????????????????????IndexController.java
????│??│??????????????????????
????│??└─resources
????│??????????application.yml
????│??????????
????└─test
????????├─java
????????└─resources
粉絲福利:Java從入門到入土學(xué)習(xí)路線圖
???
?長按上方微信二維碼?2 秒
感謝點贊支持下哈?
評論
圖片
表情