mirror of
https://github.com/PlayEdu/PlayEdu
synced 2025-12-22 18:29:51 +08:00
jwt的解析
This commit is contained in:
none
@@ -10,7 +10,7 @@ import xyz.playedu.api.service.ImageCaptchaService;
|
||||
import xyz.playedu.api.types.ImageCaptchaResult;
|
||||
import xyz.playedu.api.util.Base64Util;
|
||||
import xyz.playedu.api.util.RedisUtil;
|
||||
import xyz.playedu.api.util.ToolUtil;
|
||||
import xyz.playedu.api.util.HelperUtil;
|
||||
|
||||
import javax.imageio.ImageIO;
|
||||
import java.awt.image.BufferedImage;
|
||||
@@ -35,7 +35,7 @@ public class ImageCaptchaServiceImpl implements ImageCaptchaService {
|
||||
BufferedImage image;
|
||||
|
||||
// 图形验证码的key[api是无状态的需要key来锁定验证码的值]
|
||||
String randomKey = ToolUtil.randomString(16);
|
||||
String randomKey = HelperUtil.randomString(16);
|
||||
imageCaptcha.setKey(randomKey);
|
||||
|
||||
// 生成验证码
|
||||
|
||||
@@ -1,15 +1,18 @@
|
||||
package xyz.playedu.api.service.impl;
|
||||
|
||||
import io.jsonwebtoken.Claims;
|
||||
import io.jsonwebtoken.JwtBuilder;
|
||||
import io.jsonwebtoken.Jwts;
|
||||
import io.jsonwebtoken.security.Keys;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.stereotype.Service;
|
||||
import xyz.playedu.api.exception.JwtLogoutException;
|
||||
import xyz.playedu.api.service.JWTService;
|
||||
import xyz.playedu.api.types.JWTPayload;
|
||||
import xyz.playedu.api.types.JwtToken;
|
||||
import xyz.playedu.api.util.ToolUtil;
|
||||
import xyz.playedu.api.util.RedisUtil;
|
||||
import xyz.playedu.api.util.HelperUtil;
|
||||
|
||||
import javax.crypto.SecretKey;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
@@ -25,25 +28,26 @@ public class JwtServiceImpl implements JWTService {
|
||||
@Value("${playedu.jwt.expire}")
|
||||
private Long ConfigExpire;
|
||||
|
||||
@Value("${playedu.jwt.cache-black-prefix}")
|
||||
private String ConfigCacheBlackPrefix;
|
||||
|
||||
public JwtToken generate(Integer userId, String iss, String prv) {
|
||||
long curTime = System.currentTimeMillis();
|
||||
|
||||
JWTPayload payload = new JWTPayload();
|
||||
payload.setPrv(prv);
|
||||
payload.setIss(iss);
|
||||
payload.setJti(ToolUtil.uuid());
|
||||
payload.setJti(HelperUtil.uuid());
|
||||
payload.setNbf(curTime);
|
||||
payload.setIat(curTime);
|
||||
payload.setExp(curTime + ConfigExpire);
|
||||
payload.setSub(userId);
|
||||
|
||||
SecretKey key = Keys.hmacShaKeyFor(ConfigKey.getBytes(StandardCharsets.UTF_8));
|
||||
|
||||
JwtBuilder builder = Jwts.builder();
|
||||
builder.setId(payload.getJti()).setIssuedAt(new Date(payload.getIat())).claim("prv", payload.getPrv());
|
||||
builder.setExpiration(new Date(payload.getExp())).setIssuer(payload.getIss());
|
||||
builder.setSubject(String.valueOf(payload.getSub())).setNotBefore(new Date(payload.getNbf()));
|
||||
builder.signWith(key);
|
||||
builder.signWith(getSecretKey());
|
||||
|
||||
JwtToken token = new JwtToken();
|
||||
token.setToken(builder.compact());
|
||||
@@ -52,8 +56,46 @@ public class JwtServiceImpl implements JWTService {
|
||||
return token;
|
||||
}
|
||||
|
||||
public JWTPayload parse(String token) {
|
||||
return null;
|
||||
public JWTPayload parse(String token, String prv) throws JwtLogoutException {
|
||||
Claims claims = parseToken(token, prv);
|
||||
JWTPayload payload = new JWTPayload();
|
||||
|
||||
payload.setSub(Integer.valueOf(claims.getSubject()));
|
||||
payload.setIss(claims.getIssuer());
|
||||
payload.setPrv((String) claims.get("prv"));
|
||||
payload.setNbf(claims.getNotBefore().getTime());
|
||||
payload.setExp(claims.getExpiration().getTime());
|
||||
payload.setIat(claims.getIssuedAt().getTime());
|
||||
payload.setJti(claims.getId());
|
||||
|
||||
return payload;
|
||||
}
|
||||
|
||||
public boolean isInBlack(String jti) {
|
||||
return RedisUtil.exists(getBlackCacheKey(jti));
|
||||
}
|
||||
|
||||
public void logout(String token, String prv) throws JwtLogoutException {
|
||||
Claims claims = parseToken(token, prv);
|
||||
String cacheKey = getBlackCacheKey(claims.getId());
|
||||
Long expire = (claims.getExpiration().getTime() - System.currentTimeMillis()) / 1000;
|
||||
RedisUtil.set(cacheKey, 1, expire);
|
||||
}
|
||||
|
||||
private Claims parseToken(String token, String prv) throws JwtLogoutException {
|
||||
Claims claims = (Claims) Jwts.parserBuilder().setSigningKey(getSecretKey()).require("prv", prv).build().parse(token).getBody();
|
||||
if (isInBlack(claims.getId())) {
|
||||
throw new JwtLogoutException();
|
||||
}
|
||||
return claims;
|
||||
}
|
||||
|
||||
private SecretKey getSecretKey() {
|
||||
return Keys.hmacShaKeyFor(ConfigKey.getBytes(StandardCharsets.UTF_8));
|
||||
}
|
||||
|
||||
private String getBlackCacheKey(String jti) {
|
||||
return ConfigCacheBlackPrefix + jti;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user