1、pom依赖
<!-- Spring Boot parent POM: supplies managed dependency and plugin versions for this build. -->
<!-- NOTE(review): 2.2.9.RELEASE is an old release line; confirm it still receives security fixes before reusing this POM. -->
<parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>2.2.9.RELEASE</version>
</parent>
<dependencies>
    <!-- Spring MVC and embedded servlet container. The explicit version repeats the parent's version; keep the two in sync. -->
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
        <version>2.2.9.RELEASE</version>
    </dependency>
    <!-- Presumably the source of org.springframework.security.rsa.crypto.KeyStoreKeyFactory used by JwtTokenUtil; verify with mvn dependency:tree. -->
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-security</artifactId>
        <version>2.2.2.RELEASE</version>
    </dependency>
    <!-- NOTE(review): the Java listings on this page import only io.jsonwebtoken, so this second JWT library appears unused; confirm and drop it to keep the dependency surface small. -->
    <dependency>
        <groupId>com.auth0</groupId>
        <artifactId>java-jwt</artifactId>
        <version>4.2.1</version>
    </dependency>
    <!-- JJWT: provides the Jwts builder/parser API that JwtTokenUtil uses to sign and verify tokens. -->
    <dependency>
        <groupId>io.jsonwebtoken</groupId>
        <artifactId>jjwt</artifactId>
        <version>0.12.5</version>
    </dependency>
</dependencies>
<build>
    <plugins>
        <!-- Repackages the application as an executable jar; no version is given here, so it is expected to come from the parent POM. -->
        <plugin>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-maven-plugin</artifactId>
        </plugin>
    </plugins>
</build>
 
 
2、JwtTokenUtil工具类
package com.nancal.util;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import org.apache.tomcat.util.codec.binary.Base64;
import org.springframework.core.io.ClassPathResource;
import org.springframework.security.rsa.crypto.KeyStoreKeyFactory;
import java.security.KeyPair;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
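/**
 * JWT helper: signs tokens with the RSA private key held in a JKS keystore and
 * verifies them with the matching public key.
 *
 * <p>The key pair is read from the keystore once and reused, instead of
 * re-opening and decrypting the keystore on every call.
 *
 * @since 2024-05-11
 * @author zhouwb
 */
public class JwtTokenUtil {
    /** Token lifetime: 24 hours, expressed in milliseconds. */
    private static final long EXPIRE_TIME = 24 * 60 * 60 * 1000;

    // Keystore file, resolved on the classpath.
    private static final String KEY_LOCATION = "pdm.jks";

    // Keystore password and key-entry password. Both can be supplied at start-up
    // through the system properties below (names introduced by this class), so
    // that a deployment does not depend on credentials stored in source code.
    // NOTE(review): the fallback literals are the tutorial's sample values and
    // are kept only so the example keystore still opens. Anyone who can read
    // this source or the packaged jar can open the keystore with them; replace
    // the keystore and remove the defaults before real use.
    private static final String KEYSTORE_PASSWORD =
            System.getProperty("jwt.keystore.password", "Gacrnd#123");
    private static final String KEY_PASSWORD =
            System.getProperty("jwt.key.password", "Gacrnd#123");

    // Alias of the key entry inside the keystore.
    private static final String KEY_ALIAS = "pdm";

    // Key pair loaded on first use; guarded by the class lock in keyPair().
    private static KeyPair cachedKeyPair;

    /**
     * Returns the RSA key pair, loading it from the keystore on first use.
     *
     * <p>A failed load is not cached: the exception thrown by the key factory
     * propagates and the next call tries again.
     */
    private static synchronized KeyPair keyPair() {
        if (cachedKeyPair == null) {
            ClassPathResource resource = new ClassPathResource(KEY_LOCATION);
            KeyStoreKeyFactory keyStoreKeyFactory =
                    new KeyStoreKeyFactory(resource, KEYSTORE_PASSWORD.toCharArray());
            cachedKeyPair = keyStoreKeyFactory.getKeyPair(KEY_ALIAS, KEY_PASSWORD.toCharArray());
        }
        return cachedKeyPair;
    }

    /**
     * Builds a signed JWT that expires {@link #EXPIRE_TIME} milliseconds after issue.
     *
     * <p>The token is signed with PS512 (RSASSA-PSS with SHA-512) using the
     * keystore's private key. Every token carries the same fixed claims
     * ({@code userId=iDME}, {@code userName=sysadmin}); this method performs no
     * check on who is asking, so callers must authenticate the requester
     * before handing the token out.
     *
     * @return the compact serialized JWT
     */
    public static String getJwtToken() {
        RSAPrivateKey privateKey = (RSAPrivateKey) keyPair().getPrivate();

        Map<String, String> payLoadMap = new HashMap<>();
        // One unique identifier per calling system; the default is iDME.
        payLoadMap.put("userId", "iDME");
        payLoadMap.put("userName", "sysadmin");

        // Read the clock once so that iat and exp are exactly EXPIRE_TIME apart.
        long now = System.currentTimeMillis();
        return Jwts.builder()
                .claims(payLoadMap)
                .expiration(new Date(now + EXPIRE_TIME))
                .issuedAt(new Date(now))
                .signWith(privateKey, Jwts.SIG.PS512)
                .compact();
    }

    /**
     * Verifies a token's signature against the keystore's public key and returns its claims.
     *
     * <p>Parsing failures (malformed token, bad signature, expired token) surface
     * as the exceptions thrown by the JJWT parser; nothing is caught here, so a
     * returned {@link Claims} object means the parser accepted the token.
     *
     * @param token the compact serialized JWT to check
     * @return the claims carried by the verified token
     */
    public static Claims verify (String token) {
        PublicKey publicKey = keyPair().getPublic();
        return Jwts.parser()
                .verifyWith(publicKey)
                .build()
                .parseSignedClaims(token)
                .getPayload();
    }

    /**
     * Returns the public key as a Base64 string of its encoded form.
     *
     * @return Base64 text of {@code getPublic().getEncoded()}
     */
    public static String getPublicKey() {
        return Base64.encodeBase64String(keyPair().getPublic().getEncoded());
    }

    /**
     * Returns the private key as a Base64 string of its encoded form.
     *
     * <p>NOTE(review): the returned string is the signing key itself. Anything
     * that receives it can mint tokens that {@link #verify(String)} accepts, so
     * it must never be logged, returned from an endpoint or stored in plain
     * text. Consider narrowing this method's visibility if nothing outside the
     * class needs it.
     *
     * @return Base64 text of {@code getPrivate().getEncoded()}
     */
    public static String getPrivateKey() {
        return Base64.encodeBase64String(keyPair().getPrivate().getEncoded());
    }
}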
 
3、JwtApplication 启动类
package com.nancal;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.actuate.autoconfigure.security.servlet.ManagementWebSecurityAutoConfiguration;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
/**
 * Spring Boot entry point for the JWT demo.
 *
 * <p>Both security auto-configurations are excluded, which switches off Spring
 * Boot's default Spring Security setup. With that default gone, request
 * authentication exists only where the application adds it itself.
 */
@SpringBootApplication(
        exclude = {
            SecurityAutoConfiguration.class,
            ManagementWebSecurityAutoConfiguration.class
        })
public class JwtApplication {
    /**
     * Boots the application context with this class as the primary source.
     *
     * @param args command-line arguments passed through to Spring Boot
     */
    public static void main(String[] args) {
        SpringApplication application = new SpringApplication(JwtApplication.class);
        application.run(args);
    }
}
 
4、JwtController控制器
package com.nancal.controller;
import com.nancal.util.JwtTokenUtil;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import java.util.HashMap;
import java.util.Map;
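/**
 * REST controller exposing {@code GET /jwt/token}, which returns a freshly signed JWT.
 *
 * <p>NOTE(review): nothing in this class authenticates the caller. Unless
 * Spring Security (or another filter) protects this path, every client that
 * can reach the endpoint receives a token carrying the fixed identity that
 * {@code JwtTokenUtil.getJwtToken()} puts into it. Require authentication on
 * this route before reusing the example.
 */
@RestController
@RequestMapping("/jwt")
public class JwtController {
    /**
     * Issues a token and wraps it in a small response map.
     *
     * @return a map with {@code token} (the compact JWT) and {@code state} ({@code "success"})
     */
    @GetMapping("/token")
    public Map<String, String> search() {
        // Parameterized return type instead of the raw Map, so the compiler checks the value type.
        Map<String, String> resultMap = new HashMap<>();
        resultMap.put("token", JwtTokenUtil.getJwtToken());
        resultMap.put("state", "success");
        return resultMap;
    }
}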
 
5、密钥文件pdm.jks(代码通过ClassPathResource从classpath加载;该文件内含用于签名的RSA私钥,应与其口令一样按机密管理,不要提交到公开仓库)

6、测试




















