From 8e8f390b5d57098f2df5c89822b202f2b0250994 Mon Sep 17 00:00:00 2001 From: its Date: Sun, 7 Apr 2024 17:30:27 +0800 Subject: [PATCH] =?UTF-8?q?[update]=20JwtUtil=20=E5=8D=87=E7=BA=A7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/com/yexuejc/base/util/JwtUtil.java | 55 ++++++++----------- 1 file changed, 23 insertions(+), 32 deletions(-) diff --git a/src/main/java/com/yexuejc/base/util/JwtUtil.java b/src/main/java/com/yexuejc/base/util/JwtUtil.java index 0fa4172..fdd1cdf 100644 --- a/src/main/java/com/yexuejc/base/util/JwtUtil.java +++ b/src/main/java/com/yexuejc/base/util/JwtUtil.java @@ -1,10 +1,12 @@ package com.yexuejc.base.util; -import io.jsonwebtoken.Jwts; -import io.jsonwebtoken.SignatureAlgorithm; - import java.util.Date; import java.util.Map; +import javax.crypto.SecretKey; + +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.io.Decoders; +import io.jsonwebtoken.security.Keys; /** * jwt工具类 @@ -34,7 +36,7 @@ public class JwtUtil { * * @param key 加密key 默认:h%OG8Y3WgA5AN7&6Ke7I#C1XvneW0N8a * @param type 加密类型:默认JWT - * @param iss token发行商: 默认yexuejc.com + * @param iss token发行商: 默认yexuejc.top * @return */ public static JwtUtil config(String key, String type, String iss) { @@ -60,7 +62,7 @@ public class JwtUtil { /** * token发行商 */ - private String JWT_CLAIMS_ISS = "yexuejc.com"; + private String JWT_CLAIMS_ISS = "yexuejc.top"; /** * 加密内容生成token @@ -76,22 +78,22 @@ public class JwtUtil { subject = JsonUtil.obj2Json(subjectObj); } Date now = new Date(); - String token = Jwts.builder() + return Jwts.builder() // 设置token的唯一标识ID(claims.jti) - .setId(StrUtil.genUUID()) + .id(StrUtil.genUUID()) // 设置token类型(header.typ) - .setHeaderParam("typ", JWT_HEADER_TYP) + .header().add("typ", JWT_HEADER_TYP) + .and() // 设置token发行时间为当前时间(claims.iat) - .setIssuedAt(now) + .issuedAt(now) // 设置token发行商/发行者(claims.iss) - .setIssuer(JWT_CLAIMS_ISS) + .issuer(JWT_CLAIMS_ISS) // 设置token用户定义主体(claims.sub) - .setSubject(subject) - // 设置签名算法和KEY(signature) - .signWith(SignatureAlgorithm.HS512, JWT_SIGNATURE_KEY) + .subject(subject) + // 设置算法签名,(密钥,加密算法) + .signWith(getSecretKey(), Jwts.SIG.HS512) // 生成token .compact(); - return token; } /** @@ -112,18 +114,8 @@ public class JwtUtil { * @return */ public T parse(String token, Class cls) { - String subject = null; - try { - subject = Jwts.parser().setSigningKey(JWT_SIGNATURE_KEY).parseClaimsJws(token).getBody().getSubject(); - } catch (Exception e) { - e.printStackTrace(); - } - if (subject == null) { - return null; - } - return JsonUtil.json2Obj(subject, cls); + return JsonUtil.json2Obj(parseStr(token), cls); } - /** * 解密token为字符串 * @@ -131,12 +123,11 @@ public class JwtUtil { * @return */ public String parseStr(String token) { - String subject = null; - try { - subject = Jwts.parser().setSigningKey(JWT_SIGNATURE_KEY).parseClaimsJws(token).getBody().getSubject(); - } catch (Exception e) { - e.printStackTrace(); - } - return subject; + return Jwts.parser().verifyWith(getSecretKey()).build().parseSignedClaims(token).getPayload().getSubject(); + } + + private SecretKey getSecretKey() { + byte[] bytes = Decoders.BASE64.decode(JWT_SIGNATURE_KEY); + return Keys.hmacShaKeyFor(bytes); } }