From eb07c7f1815ac1df66ea0445023bda54f82c2fa9 Mon Sep 17 00:00:00 2001 From: zhaoxinguo Date: Mon, 10 Dec 2018 19:35:49 +0800 Subject: [PATCH 1/2] =?UTF-8?q?=E5=A2=9E=E5=8A=A0token=E5=88=B7=E6=96=B0?= =?UTF-8?q?=E5=8A=9F=E8=83=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../web/springbootdemo2/SpringbootDemo2ApplicationTests.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/test/java/boss/portal/web/springbootdemo2/SpringbootDemo2ApplicationTests.java b/src/test/java/boss/portal/web/springbootdemo2/SpringbootDemo2ApplicationTests.java index 70894bf..b9ddc44 100644 --- a/src/test/java/boss/portal/web/springbootdemo2/SpringbootDemo2ApplicationTests.java +++ b/src/test/java/boss/portal/web/springbootdemo2/SpringbootDemo2ApplicationTests.java @@ -11,6 +11,8 @@ public class SpringbootDemo2ApplicationTests { @Test public void contextLoads() { + long refreshPeriodTime = 36000L; //seconds为单位,10 hours + System.out.println(refreshPeriodTime >> 1); } } -- Gitee From 4048822ec89e998723b4adc9829def8d03414f5f Mon Sep 17 00:00:00 2001 From: zhaoxinguo Date: Tue, 12 Feb 2019 09:15:26 +0800 Subject: [PATCH 2/2] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E4=BA=86token=E5=88=B7?= =?UTF-8?q?=E6=96=B0=E6=9C=BA=E5=88=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../boss/portal/filter/JWTLoginFilter.java | 10 +- src/main/java/boss/portal/util/JwtHelper.java | 110 ++++++++++++++++++ src/main/resources/application.properties | 6 + 3 files changed, 122 insertions(+), 4 deletions(-) create mode 100644 src/main/java/boss/portal/util/JwtHelper.java diff --git a/src/main/java/boss/portal/filter/JWTLoginFilter.java b/src/main/java/boss/portal/filter/JWTLoginFilter.java index 1c3de2d..5915fcf 100644 --- a/src/main/java/boss/portal/filter/JWTLoginFilter.java +++ b/src/main/java/boss/portal/filter/JWTLoginFilter.java @@ -65,15 +65,17 @@ public class JWTLoginFilter extends UsernamePasswordAuthenticationFilter { for (GrantedAuthority grantedAuthority : authorities) { roleList.add(grantedAuthority.getAuthority()); } - // 设置过期时间 Calendar calendar = Calendar.getInstance(); + Date now = calendar.getTime(); + // 设置签发时间 calendar.setTime(new Date()); - /*calendar.add(Calendar.DAY_OF_MONTH, 30);*///30天 - calendar.add(Calendar.MINUTE, 1);// 1分钟 + // 设置过期时间 + calendar.add(Calendar.MINUTE, 10);// 10分钟 Date time = calendar.getTime(); token = Jwts.builder() .setSubject(auth.getName() + "-" + roleList) - .setExpiration(time) + .setIssuedAt(now)//签发时间 + .setExpiration(time)//过期时间 .signWith(SignatureAlgorithm.HS512, ConstantKey.SIGNING_KEY) //采用什么算法是可以自己选择的,不一定非要采用HS512 .compact(); // 登录成功后,返回token到header里面 diff --git a/src/main/java/boss/portal/util/JwtHelper.java b/src/main/java/boss/portal/util/JwtHelper.java new file mode 100644 index 0000000..7cf08b6 --- /dev/null +++ b/src/main/java/boss/portal/util/JwtHelper.java @@ -0,0 +1,110 @@ +package boss.portal.util; + +import io.jsonwebtoken.Claims; +import io.jsonwebtoken.JwtBuilder; +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.SignatureAlgorithm; +import org.springframework.beans.factory.annotation.Value; + +import javax.crypto.spec.SecretKeySpec; +import javax.xml.bind.DatatypeConverter; +import java.security.Key; +import java.util.Date; + +/** + * @FileName: JwtHelper + * @Author: zhaoxinguo + * @Date: 2018/12/10 19:39 + * @Description: 实现Jwt + */ +public class JwtHelper { + + @Value("${jwt.expiration}") + public long expiration;//token超时时间 + + @Value("${jwt.secret}") + public String base64Security; + + /** + * 解析token + * @param jsonWebToken + * @return + */ + public Claims parseToken(String jsonWebToken) { + + Claims claims = Jwts.parser().setSigningKey(DatatypeConverter.parseBase64Binary(base64Security)) + .parseClaimsJws(jsonWebToken).getBody(); + return claims; + + } + + /** + * 新建token + + * @param audience + * @param issuer + + * @return + */ + public String createToken(String audience, + String issuer) { + SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256; + + long nowMillis = System.currentTimeMillis(); + Date now = new Date(nowMillis); + + // 生成签名密钥 + byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(base64Security); + Key signingKey = new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getJcaName()); + + // 添加构成JWT的参数 + JwtBuilder builder = Jwts.builder().setHeaderParam("typ", "JWT").setIssuer(issuer).setAudience(audience) + .signWith(signatureAlgorithm, signingKey); + + // 添加Token签发时间 + builder.setIssuedAt(now); + // 添加Token过期时间 + if (expiration >= 0) { + long expMillis = nowMillis + expiration; + Date exp = new Date(expMillis); + builder.setExpiration(exp).setNotBefore(now); + } + + // 生成JWT + return builder.compact(); + } + + /** + * 刷新令牌 + * + * @param claims + * @return + */ + public String refreshToken(Claims claims) { + SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256; + + long nowMillis = System.currentTimeMillis(); + Date now = new Date(nowMillis); + + // 生成签名密钥 + byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(base64Security); + Key signingKey = new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getJcaName()); + + // 添加构成JWT的参数 + JwtBuilder builder = Jwts.builder().setHeaderParam("typ", "JWT") + .setIssuer((String) claims.get("iss")).setAudience((String) claims.get("aud")) + .signWith(signatureAlgorithm, signingKey); + + // 添加Token签发时间 + builder.setIssuedAt(now); + // 添加Token过期时间 + if (expiration >= 0) { + long expMillis = nowMillis + expiration; + Date exp = new Date(expMillis); + builder.setExpiration(exp).setNotBefore(now); + } + + // 生成Token + return builder.compact(); + } +} diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 299892f..47598db 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -7,3 +7,9 @@ spring.jpa.hibernate.ddl-auto=update spring.jpa.show-sql=true spring.jackson.serialization.indent_output=true +# JWT Config +jwt.header=Authorization +jwt.secret=NDU0NTY4amhmc3NkeHp6eGNxdzIlMjFAJTIxQCUyM2ZmNQ== +#120 +jwt.expiration=7200000 + -- Gitee