当前位置:网站首页>JWT快速入门

JWT快速入门

2022-07-26 07:28:00 STATICHIT静砸

· 什么是JWT?

        JSON Web Token。通过数字签名的方式,以JSON对象为载体,在不同的服务器终端之间安全的传输信息。

· JWT有什么用?

        JWT最常见的场景就是授权认证,一旦用户登录,后续每个请求都将包含JWT,系统在每次处理用户请求的之前,都要先进行JWT安全校验,通过之后再进行处理。

· JWT的组成:

        JWT由3部分组成,并用 . 拼接

例如: 

这三部分分别是(例如):

 · Header

 · Payload

 · Signatrue

首先,要实现jwt还需要导入一些包(下面省略了json)

        <!--JWT-->
        <dependency>
            <groupId>io.jsonwebtoken</groupId>
            <artifactId>jjwt</artifactId>
            <version>0.9.1</version>
        </dependency>

        <dependency>
            <groupId>javax.xml.bind</groupId>
            <artifactId>jaxb-api</artifactId>
            <version>2.3.0</version>
        </dependency>

        <dependency>
            <groupId>com.sun.xml.bind</groupId>
            <artifactId>jaxb-impl</artifactId>
            <version>2.3.0</version>
        </dependency>

        <dependency>
            <groupId>com.sun.xml.bind</groupId>
            <artifactId>jaxb-core</artifactId>
            <version>2.3.0</version>
        </dependency>

        <dependency>
            <groupId>javax.activation</groupId>
            <artifactId>activation</artifactId>
            <version>1.1.1</version>
        </dependency>

 实践:创建token和提取token中的数据

import io.jsonwebtoken.*;
import java.util.Date;
import java.util.UUID;

public class JWT {

    private long time = 1000*60*60*24;
    private String signature = "admin";
    @org.junit.Test
    public void makeJWT(){
        JwtBuilder jwtBuilder = Jwts.builder();
        String jwtToken = jwtBuilder
                //header
                .setHeaderParam("typ","JWT")
                .setHeaderParam("alg","HS256")
                //payload
                .claim("username","tom")
                .claim("role","admin")
                .setSubject("admin-test")
                .setExpiration(new Date(System.currentTimeMillis()+time))
                .setId(UUID.randomUUID().toString())
                //signature
                .signWith(SignatureAlgorithm.HS256,signature)
                .compact();
        System.out.println(jwtToken);
    }

    @org.junit.Test
    public void parse(){
        String token ="eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6InRvbSIsInJvbGUiOiJhZG1pbiIsInN1YiI6ImFkbWluLXRlc3QiLCJleHAiOjE2NTg4MjMyODEsImp0aSI6ImE1Y2M3Y2IzLTM4NTItNGJmYS05NjAyLTllYjdjNTY2MjY5NCJ9.WOP5_VomcD_Ds1fgRlydAGPWIHBWtoiPqPJLxR93Q6o";
        JwtParser jwtParser = Jwts.parser();
        Jws<Claims> claimsJws = jwtParser.setSigningKey(signature).parseClaimsJws(token);
        Claims claims = claimsJws.getBody();
        System.out.println(claims.get("username"));
        System.out.println(claims.get("role"));
        System.out.println(claims.getId());
        System.out.println(claims.getSubject());
        System.out.println(claims.getExpiration());
    }
}

第一个和第二个测试分别得到的结果是:

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6InRvbSIsInJvbGUiOiJhZG1

pbiIsInN1YiI6ImFkbWluLXRlc3QiLCJleHAiOjE2NTg4MjMyODEsImp0aSI6ImE1Y2M3Y2IzL

TM4NTItNGJmYS05NjAyLTllYjdjNTY2MjY5NCJ9.WOP5_VomcD_Ds1fgRlydAGPWIHBWto

iPqPJLxR93Q6o

 

原网站

版权声明
本文为[STATICHIT静砸]所创,转载请带上原文链接,感谢
https://blog.csdn.net/m0_62742402/article/details/125976605

边栏推荐

猜你喜欢

随机推荐