Google fragmented notes JWT (Draft)

Introduce dependencies

		<dependency>
            <groupId>io.jsonwebtoken</groupId>
            <artifactId>jjwt</artifactId>
            <version>0.9.1</version>
        </dependency>

Go straight to the code

import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
private String getJWT(UserModel po,long ttlMillis){
    
        //  Specify the signature algorithm to use when signing , That is to say header The part ,jjwt This part has been encapsulated .
        SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;

        //  Generate JWT Time for 
        long nowMillis = System.currentTimeMillis();
        Date now = new Date(nowMillis);

        //  establish payload Private statement of （ Add... Based on specific business needs , If you want to verify this , It's usually need and jwt The receiver has communicated the verification method well in advance ）
        Map<String, Object> claims = new HashMap<String, Object>();
        claims.put("username", po.getUserName());
        claims.put("password", po.getPassword());

        // The secret key used when generating the signature secret, This method is encapsulated locally , Generally, it can be read from the local configuration file , Remember that this secret key cannot be exposed . It is the private key of your server , It should not be revealed in any scene . Once the client knows this secret,  That means that the client can issue itself jwt 了 .
        String key = "mySecret";

        // Generate signer 
        String subject = "guy";

        // Here's why payload Added various standard and private statements 
        String compactJWT = Jwts.builder()
                // header head 
                .setHeaderParam("type", "JWT")
                .setHeaderParam("alg", "HS256")
                // payload load 
                .claim("userName", po.getUserName())
                .claim("role", "admin")
                .setSubject("title")
                .setExpiration(new Date(nowMillis + ttlMillis))
                .setId(UUID.randomUUID().toString())
                // signature Signature 
                .signWith(signatureAlgorithm, sugnature)
                .compact();
        return compactJWT;
    }