/**
|
* Copyright 2018-2020 stylefeng & fengshuonan (sn93@qq.com)
|
* <p>
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
* you may not use this file except in compliance with the License.
|
* You may obtain a copy of the License at
|
* <p>
|
* http://www.apache.org/licenses/LICENSE-2.0
|
* <p>
|
* Unless required by applicable law or agreed to in writing, software
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
* See the License for the specific language governing permissions and
|
* limitations under the License.
|
*/
|
package com.doumee.config.Jwt;
|
|
|
import com.alibaba.fastjson.JSONObject;
|
import com.doumee.core.utils.Constants;
|
import com.doumee.dao.business.model.Member;
|
import io.jsonwebtoken.*;
|
import org.apache.commons.lang3.StringUtils;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.data.redis.core.RedisTemplate;
|
|
import javax.annotation.Resource;
|
import java.util.Date;
|
import java.util.HashMap;
|
import java.util.Map;
|
import java.util.UUID;
|
import java.util.concurrent.TimeUnit;
|
|
/**
|
* <p>后台系统jwt token工具类</p>
|
* <pre>
|
* jwt的claim里一般包含以下几种数据:
|
* 1. iss -- token的发行者
|
* 2. sub -- 该JWT所面向的用户
|
* 3. aud -- 接收该JWT的一方
|
* 4. exp -- token的失效时间
|
* 5. nbf -- 在此时间段之前,不会被处理
|
* 6. iat -- jwt发布时间
|
* 7. jti -- jwt唯一标识,防止重复使用
|
* </pre>
|
*
|
* @author fengshuonan
|
* @Date 2017/8/25 10:59
|
*/
|
public class JwtTokenUtil {
|
//Header 名称
|
public static final String HEADER_KEY = "token";
|
//取值名称
|
public static final String UserId_Name = "AppUserId";
|
//取值名称
|
public static final String UserType = "UserType";
|
//取值名称
|
public static final String UserInfo = "UserInfo";
|
//加密密钥
|
private final static String jwtSecret = "MhAjU9poLf8ko54K25XBDtonaL33vtt1";
|
//过期时间(s) 86400L=1天 604800L=7天
|
private static final long expire = 86400L;
|
//redis过期时间
|
private static final Integer redisExpire = 3;
|
|
/**
|
* 生成token,根据userId和默认过期时间
|
*/
|
public static String generateToken(JwtPayLoad jwtPayLoad) {
|
Long expiredSeconds = getExpireSeconds();
|
final Date expirationDate = new Date(System.currentTimeMillis() + expiredSeconds * 1000);
|
return generateToken(jwtPayLoad.getUserId(), expirationDate, jwtPayLoad.toMap());
|
}
|
|
|
/**
|
* 生成token,根据userId和默认过期时间
|
*/
|
public static String generateTokenForZb(Long userId,String userType,String userInfo,RedisTemplate<String,Object> redisTemplate) {
|
String tokenKey = UUID.randomUUID() + "_" + userId;
|
redisTemplate.opsForValue().set(userType + "_" +tokenKey,userInfo,redisExpire,TimeUnit.HOURS);
|
return tokenKey;
|
}
|
|
/**
|
* 验证token是否失效
|
*/
|
public static Boolean isTokenExpired(String token) {
|
try {
|
final Date expiration = getExpirationDateFromToken(token);
|
return expiration.before(new Date());
|
} catch (ExpiredJwtException expiredJwtException) {
|
return true;
|
}
|
}
|
|
/**
|
* 生成token,根据userId和默认过期时间
|
*/
|
public static String generateTokenOld(JwtPayLoad jwtPayLoad) {
|
Long expiredSeconds = getExpireSeconds();
|
final Date expirationDate = new Date(System.currentTimeMillis() + expiredSeconds * 1000);
|
return generateToken(jwtPayLoad.getUserId(), expirationDate, jwtPayLoad.toMap());
|
}
|
|
/**
|
* 获取jwt的payload部分
|
*/
|
public static JwtPayLoad getJwtPayLoad(String token) {
|
Claims claimFromToken = getClaimFromToken(token);
|
return JwtPayLoad.toBean(claimFromToken);
|
}
|
|
/**
|
* 解析token是否正确(true-正确, false-错误)
|
*/
|
public static Boolean checkToken(String token) {
|
try {
|
String jwtSecret = getJwtSecret();
|
Jwts.parser().setSigningKey(jwtSecret).parseClaimsJws(token).getBody();
|
return true;
|
} catch (JwtException e) {
|
return false;
|
}
|
}
|
|
/**
|
* 验证token是否失效
|
*/
|
public static Boolean isTokenExpiredOld(String token) {
|
try {
|
final Date expiration = getExpirationDateFromToken(token);
|
return expiration.before(new Date());
|
} catch (ExpiredJwtException expiredJwtException) {
|
return true;
|
}
|
}
|
|
// 从token中获取用户ID
|
public static String getUserId(String token){
|
return getClaimFromToken(token).getSubject();
|
}
|
|
/**
|
* 获取jwt失效时间
|
*/
|
public static Date getExpirationDateFromToken(String token) {
|
return getClaimFromToken(token).getExpiration();
|
}
|
|
/**
|
* 生成token,根据userId和过期时间
|
*/
|
public static String generateToken(Long userId, Date exppiredDate, Map<String, Object> claims) {
|
|
final Date createdDate = new Date();
|
String secret = getJwtSecret();
|
|
if (claims == null) {
|
return Jwts.builder()
|
.setSubject(userId.toString())
|
.setIssuedAt(createdDate)
|
.setExpiration(exppiredDate)
|
.signWith(SignatureAlgorithm.HS512, secret)
|
.compact();
|
} else {
|
return Jwts.builder()
|
.setClaims(claims)
|
.setSubject(userId.toString())
|
.setIssuedAt(createdDate)
|
.setExpiration(exppiredDate)
|
.signWith(SignatureAlgorithm.HS512, secret)
|
.compact();
|
}
|
}
|
|
|
|
/**
|
* 获取jwt的payload部分
|
*/
|
public static Claims getClaimFromToken(String token) {
|
if (StringUtils.isBlank(token)) {
|
throw new IllegalArgumentException("token参数为空!");
|
}
|
String jwtSecret = getJwtSecret();
|
return Jwts.parser().setSigningKey(jwtSecret).parseClaimsJws(token).getBody();
|
}
|
|
/**
|
* 获取系统地密钥
|
*/
|
private static String getJwtSecret() {
|
return jwtSecret;
|
}
|
|
/**
|
* 获取系统地密钥过期时间(单位:秒)
|
*/
|
private static Long getExpireSeconds() {
|
return expire;
|
}
|
}
|
