我利用 JWT 官網提供的 Java 模塊,寫了個加密和解密token的例子。這個例子使用Maven管理項目,源代碼共包含三個文件:Encrypt.java、Decrypt、Main.java
pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>zhangchao</groupId>
<artifactId>testJavaJwt</artifactId>
<version>0.0.1-SNAPSHOT</version>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>1.8</java.version>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
</properties>
<dependencies>
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.1.0</version>
</dependency>
</dependencies>
</project>Encrypt.java
package zhangchao;
import java.io.UnsupportedEncodingException;
import java.util.Date;
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTCreationException;
/**
* 加密
* @author 張超
*
*/
public final class Encrypt {
/**
* 生成加密後的token
* @param isVip 是不是VIP,true表示是VIP,false表示不是VIP。
* @param username 用戶名
* @param name 姓名
* @return 加密後的token
*/
public String getToken(final boolean isVip, final String username,
final String name) {
String token = null;
try {
Date expiresAt = new Date(System.currentTimeMillis() + 24L * 60L * 3600L * 1000L);
token = JWT.create()
.withIssuer("auth0")
.withClaim("isVip", isVip)
.withClaim("username", username)
.withClaim("name", name)
.withExpiresAt(expiresAt)
// 使用了HMAC256加密算法。
// mysecret是用來加密數字簽名的密鑰。
.sign(Algorithm.HMAC256("mysecret"));
} catch (JWTCreationException exception){
//Invalid Signing configuration / Couldn't convert Claims.
} catch (IllegalArgumentException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return token;
}
}
Decrypt.java
package zhangchao;
import java.io.UnsupportedEncodingException;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.auth0.jwt.interfaces.DecodedJWT;
/**
* 解密
* @author 張超
*
*/
public final class Decrypt {
/**
* 先驗證token是否被僞造,然後解碼token。
* @param token 字符串token
* @return 解密後的DecodedJWT對象,可以讀取token中的數據。
*/
public DecodedJWT deToken(final String token) {
DecodedJWT jwt = null;
try {
// 使用了HMAC256加密算法。
// mysecret是用來加密數字簽名的密鑰。
JWTVerifier verifier = JWT.require(Algorithm.HMAC256("mysecret"))
.withIssuer("auth0")
.build(); //Reusable verifier instance
jwt = verifier.verify(token);
} catch (JWTVerificationException exception){
//Invalid signature/claims
exception.printStackTrace();
} catch (IllegalArgumentException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return jwt;
}
}
Main.java
package zhangchao;
import com.auth0.jwt.interfaces.DecodedJWT;
public class Main {
public static void main(String[] args) {
// 生成token
Encrypt encrypt = new Encrypt();
String token = encrypt.getToken(true, "zhangchao", "張超");
// 打印token
System.out.println("token: " + token);
// 解密token
Decrypt decrypt = new Decrypt();
DecodedJWT jwt = decrypt.deToken(token);
System.out.println("issuer: " + jwt.getIssuer());
System.out.println("isVip: " + jwt.getClaim("isVip").asBoolean());
System.out.println("username: " + jwt.getClaim("username").asString());
System.out.println("name: " + jwt.getClaim("name").asString());
System.out.println("過期時間: " + jwt.getExpiresAt());
}
}